!121 [sync] master例行回合rsyslog软件包社区开源补丁

From: @linzhuorong 
Reviewed-by: @yanan-rock 
Signed-off-by: @yanan-rock

backport-GNUTls-Driver-Fix-memory-leaks-in-gtlsInitC.patch

@@ -0,0 +1,54 @@
+From 0f06a850ced79244774734ed525b289f2930d9c7 Mon Sep 17 00:00:00 2001
+From: Andre lorbach <alorbach@adiscon.com>
+Date: Thu, 11 May 2023 16:49:11 +0200
+Subject: [PATCH] [backport] GNUTls Driver: Fix memory leaks in gtlsInitCred
+
+Missing CA Certificate or multiple Connections caused
+a memory leak in pThis->xcred as it was allocated each time in
+gtlsInitCred by gnutls_certificate_allocate_credentials
+
+closes: https://github.com/rsyslog/rsyslog/issues/5135
+
+---
+
+Conflict:NA
+Type:bugfix
+Reference:https://github.com/rsyslog/rsyslog/commit/3401d687d2d5f9556165b53be79fbe4dc49b8c79
+
+---
+---
+ runtime/nsd_gtls.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c
+index e003d85d3..91cffb500 100644
+--- a/runtime/nsd_gtls.c
++++ b/runtime/nsd_gtls.c
+@@ -711,7 +711,10 @@ gtlsInitCred(nsd_gtls_t *const pThis )
+ 	DEFiRet;
+ 
+ 	/* X509 stuff */
+-	CHKgnutls(gnutls_certificate_allocate_credentials(&pThis->xcred));
++	if (pThis->xcred == NULL) {
++		/* Allocate only ONCE */
++		CHKgnutls(gnutls_certificate_allocate_credentials(&pThis->xcred));
++	}
+ 
+ 	/* sets the trusted cas file */
+ 	cafile = (pThis->pszCAFile == NULL) ? glbl.GetDfltNetstrmDrvrCAF(runConf) : pThis->pszCAFile;
+@@ -2277,7 +2280,12 @@ finalize_it:
+ 		if(pThis->bHaveSess) {
+ 			gnutls_deinit(pThis->sess);
+ 			pThis->bHaveSess = 0;
++			/* Free memory using gnutls api first*/
++			gnutls_certificate_free_credentials(pThis->xcred);
+ 			pThis->xcred = NULL;
++			/* Free other memory */
++			free(pThis->pszConnectHost);
++			pThis->pszConnectHost = NULL;
+ 		}
+ 	}
+ 
+-- 
+2.33.0
+

backport-bugfix-prevent-pot.-segfault-when-switchung.patch

@@ -0,0 +1,57 @@
+From 1807410d18519520ed813dd4b9d2b2d34e583415 Mon Sep 17 00:00:00 2001
+From: Rainer Gerhards <rgerhards@adiscon.com>
+Date: Sun, 30 Oct 2022 18:43:26 +0100
+Subject: [PATCH] [backport] bugfix: prevent pot. segfault when switchung to
+ queue emergency mode
+
+When switching to Disk queue emergency mode, we destructed the in-memory
+queue object.  Practice has shown that this MAY cause races during
+destruction which themselfs can lead to segfault. For that reason, we
+now keep the disk queueu object. This will keep some ressources,
+including disk space, allocated. But  we prefer that over a segfault.
+After all, it only happens after a serious queue error when we are
+already at the edge of hard problems.
+
+see also: https://github.com/rsyslog/rsyslog/issues/4963
+
+---
+
+Conflict:NA
+Type:bugfix
+Reference:https://github.com/rsyslog/rsyslog/commit/eaac48d0d23afe0146454cd9f5004ddcb47cc81b
+
+---
+---
+ runtime/queue.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/runtime/queue.c b/runtime/queue.c
+index b3fdd5101..856b4df25 100644
+--- a/runtime/queue.c
++++ b/runtime/queue.c
+@@ -794,8 +794,12 @@ static rsRetVal qDelLinkedList(qqueue_t *pThis)
+ /* The following function is used to "save" ourself from being killed by
+  * a fatally failed disk queue. A fatal failure is, for example, if no
+  * data can be read or written. In that case, the disk support is disabled,
+- * with all on-disk structures kept as-is as much as possible. Instead, the
+- * queue is switched to direct mode, so that at least
++ * with all on-disk structures kept as-is as much as possible. However,
++ * we do not really stop or destruct the in-memory disk queue object.
++ * Practice has shown that this may cause races during destruction which
++ * themselfs can lead to segfault. So we prefer to was some ressources by
++ * keeping the queue active.
++ * Instead, the queue is switched to direct mode, so that at least
+  * some processing can happen. Of course, this may still have lots of
+  * undesired side-effects, but is probably better than aborting the
+  * syslogd. Note that this function *must* succeed in one way or another, as
+@@ -808,7 +812,6 @@ queueSwitchToEmergencyMode(qqueue_t *pThis, rsRetVal initiatingError)
+ {
+ 	pThis->iQueueSize = 0;
+ 	pThis->nLogDeq = 0;
+-	qDestructDisk(pThis); /* free disk structures */
+ 
+ 	pThis->qType = QUEUETYPE_DIRECT;
+ 	pThis->qConstruct = qConstructDirect;
+-- 
+2.12.3
+

backport-core-bugfix-using-uuid-msg-prop-can-deadloc.patch

@@ -0,0 +1,84 @@
+From deefc958c388995fac99c581284fb86eb9653ece Mon Sep 17 00:00:00 2001
+From: Rainer Gerhards <rgerhards@adiscon.com>
+Date: Thu, 23 Mar 2023 10:58:32 +0100
+Subject: [PATCH] [backport] core/bugfix: using $uuid msg prop can deadlock
+ rsyslog on shutdown
+
+This problem can occur if a large number of threads is used and rsyslog
+cannot shut down all queues etc within the regular time interval. In this
+case, it cancels some threads. That can leave the mutex guarding libuuid
+calls locked and thus prevents other, not yet cancelled threads from
+progressing. Assuming pthread_mutex_lock() is not a cancellation point,
+this will case these other threads to hang forever and thus create a
+deadlock situation.
+
+closes https://github.com/rsyslog/rsyslog/issues/5104
+
+---
+
+Conflict:NA
+Type:bugfix
+Reference:https://github.com/rsyslog/rsyslog/commit/82687e14fbf3d854e8cc954efb9fb0efa69a28d2
+
+---
+---
+ runtime/msg.c | 19 ++++++++++++-------
+ 1 file changed, 12 insertions(+), 7 deletions(-)
+
+diff --git a/runtime/msg.c b/runtime/msg.c
+index 73b7cec80..a3ddb8684 100644
+--- a/runtime/msg.c
++++ b/runtime/msg.c
+@@ -7,7 +7,7 @@
+  * of the "old" message code without any modifications. However, it
+  * helps to have things at the right place one we go to the meat of it.
+  *
+- * Copyright 2007-2022 Rainer Gerhards and Adiscon GmbH.
++ * Copyright 2007-2023 Rainer Gerhards and Adiscon GmbH.
+  *
+  * This file is part of the rsyslog runtime library.
+  *
+@@ -1618,13 +1618,22 @@ msgSetPRI(smsg_t *const __restrict__ pMsg, syslog_pri_t pri)
+ /* note: libuuid seems not to be thread-safe, so we need
+  * to get some safeguards in place.
+  */
++static pthread_mutex_t mutUUID = PTHREAD_MUTEX_INITIALIZER;
++
++static void call_uuid_generate(uuid_t uuid)
++{
++	pthread_mutex_lock(&mutUUID);
++	pthread_cleanup_push(mutexCancelCleanup, &mutUUID);
++	uuid_generate(uuid);
++	pthread_cleanup_pop(1);
++}
++
+ static void msgSetUUID(smsg_t * const pM)
+ {
+ 	size_t lenRes = sizeof(uuid_t) * 2 + 1;
+ 	char hex_char [] = "0123456789ABCDEF";
+ 	unsigned int byte_nbr;
+ 	uuid_t uuid;
+-	static pthread_mutex_t mutUUID = PTHREAD_MUTEX_INITIALIZER;
+ 
+ 	dbgprintf("[MsgSetUUID] START, lenRes %llu\n", (long long unsigned) lenRes);
+ 	assert(pM != NULL);
+@@ -1632,9 +1641,7 @@ static void msgSetUUID(smsg_t * const pM)
+ 	if((pM->pszUUID = (uchar*) malloc(lenRes)) == NULL) {
+ 		pM->pszUUID = (uchar *)"";
+ 	} else {
+-		pthread_mutex_lock(&mutUUID);
+-		uuid_generate(uuid);
+-		pthread_mutex_unlock(&mutUUID);
++		call_uuid_generate(uuid);
+ 		for (byte_nbr = 0; byte_nbr < sizeof (uuid_t); byte_nbr++) {
+ 			pM->pszUUID[byte_nbr * 2 + 0] = hex_char[uuid [byte_nbr] >> 4];
+ 			pM->pszUUID[byte_nbr * 2 + 1] = hex_char[uuid [byte_nbr] & 15];
+@@ -5352,5 +5359,3 @@ BEGINObjClassInit(msg, 1, OBJ_IS_CORE_MODULE)
+ 	INIT_ATOMIC_HELPER_MUT(mutTrimCtr);
+ #	endif
+ ENDObjClassInit(msg)
+-/* vim:set ai:
+- */
+-- 
+2.12.3
+

backport-imjournal-add-second-fallback-to-_COMM.patch

@@ -0,0 +1,38 @@
+From 45900dd550e0aca724a4ec66c2833de3d27565e1 Mon Sep 17 00:00:00 2001
+From: alakatos <alakatos@redhat.com>
+Date: Mon, 31 Oct 2022 14:40:12 +0100
+Subject: [PATCH] [backport] imjournal: add second fallback to _COMM
+
+If SYSLOG_IDENTIFIER is not present in the journal message,
+then lookup the _COMM field, which stands for the name
+of the process the journal entry originates from. This is
+needed in order to be in compliance with the journalctl
+output.
+
+---
+
+Conflict:NA
+Type:bugfix
+Reference:https://github.com/rsyslog/rsyslog/commit/fb5ae30e6ac4dc584dd9c5463e27e7fc5e9060a4
+
+---
+---
+ plugins/imjournal/imjournal.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/plugins/imjournal/imjournal.c b/plugins/imjournal/imjournal.c
+index 6fb3b7a07..4d9e59966 100644
+--- a/plugins/imjournal/imjournal.c
++++ b/plugins/imjournal/imjournal.c
+@@ -453,6 +453,8 @@ readjournal(void)
+ 	/* Get message identifier, client pid and add ':' */
+ 	if (journalGetData("SYSLOG_IDENTIFIER", &get, &length) >= 0) {
+ 		CHKiRet(sanitizeValue(((const char *)get) + 18, length - 18, &sys_iden));
++	} else if (journalGetData("_COMM", &get, &length) >= 0) {
++		CHKiRet(sanitizeValue(((const char *)get) + 6, length - 6, &sys_iden));
+ 	} else {
+ 		CHKmalloc(sys_iden = strdup("journal"));
+ 	}
+-- 
+2.12.3
+

rsyslog.spec

@@ -7,7 +7,7 @@
 
 Name:           rsyslog
 Version:        8.2210.0
-Release:        2
+Release:        3
 Summary:        The rocket-fast system for log processing
 License:        (GPLv3+ and ASL 2.0)
 URL:            http://www.rsyslog.com/
@@ -35,6 +35,10 @@ Patch6000:      backport-core-bugfix-local-hostname-invalid-if-no-global-config-
 Patch6001:      backport-imtcp-bugfix-legacy-config-directives-did-no-longer-work.patch
 Patch6002:      backport-core-bugfix-template-system-may-generate-invalid-json.patch
 Patch6003:      backport-omprog-bugfix-invalid-status-handling-at-called-prog.patch
+Patch6004:      backport-imjournal-add-second-fallback-to-_COMM.patch
+Patch6005:      backport-bugfix-prevent-pot.-segfault-when-switchung.patch
+Patch6006:      backport-core-bugfix-using-uuid-msg-prop-can-deadloc.patch
+Patch6007:      backport-GNUTls-Driver-Fix-memory-leaks-in-gtlsInitC.patch
 
 BuildRequires:  gcc autoconf automake bison dos2unix flex pkgconfig python3-docutils libtool
 BuildRequires:  libgcrypt-devel libuuid-devel zlib-devel krb5-devel libnet-devel gnutls-devel
@@ -509,6 +513,15 @@ done
 %{_mandir}/man1/rscryutil.1.gz
 
 %changelog
+* Sun Jun 25 2023 linzhuorong <linzhuorong@huawei.com> - 8.2210.0-3
+- Type:NA
+- ID:NA
+- SUG:NA
+- DESC: imjournal: add second fallback to _COMM
+        bugfix: prevent pot. segfault when switchung to
+        core/bugfix: using $uuid msg prop can deadlock rsyslog on shutdown
+        GNUTls Driver: Fix memory leaks in gtlsInitCred
+
 * Tue Apr 4 2023 pengyi <pengyi37@huawei.com> - 8.2210.0-2
 - Type:bugfix
 - CVE:NA