journal: refuse data which contain invalid fields

author Yu Watanabe <watanabe.yu+github@gmail.com>

Tue, 15 Dec 2020 19:44:31 +0000 (04:44 +0900)

committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>

Tue, 2 Feb 2021 13:52:52 +0000 (14:52 +0100)
author Yu Watanabe <watanabe.yu+github@gmail.com>
Tue, 15 Dec 2020 19:44:31 +0000 (04:44 +0900)
committer Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Tue, 2 Feb 2021 13:52:52 +0000 (14:52 +0100)
diff --git a/src/journal/journal-file.c b/src/journal/journal-file.c

index c0aec6fe0ed558d22549f3ed98b1a8902dbe9d09..15336bef3eb2c3be6d8263f7e8781e5120affa68 100644 (file)
--- a/src/journal/journal-file.c
+++ b/src/journal/journal-file.c
@@ -1576,6 +1576,9 @@ static int journal_file_append_field(
          assert(f);
          assert(field && size > 0);
  
+        if (!journal_field_valid(field, size, true))
+                return -EBADMSG;
+
          hash = journal_file_hash_data(f, field, size);
  
          r = journal_file_find_field_object_with_hash(f, field, size, hash, &o, &p);
diff --git a/test/fuzz/fuzz-journal-remote/oss-fuzz-25353 b/test/fuzz/fuzz-journal-remote/oss-fuzz-25353

new file mode 100644 (file)

index 0000000..94e5fbb

Binary files /dev/null and b/test/fuzz/fuzz-journal-remote/oss-fuzz-25353 differ
author	Yu Watanabe <watanabe.yu+github@gmail.com>
	Tue, 15 Dec 2020 19:44:31 +0000 (04:44 +0900)
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
	Tue, 2 Feb 2021 13:52:52 +0000 (14:52 +0100)
src/journal/journal-file.c		patch \| blob \| history
test/fuzz/fuzz-journal-remote/oss-fuzz-25353	[new file with mode: 0644]	patch \| blob