My system is SMP-based x64 running testing. The problem seems to happen only with lines that use continuation. I narrowed "syslog.conf" to this.
> *.=debug;\ > auth,authpriv.none;\ > news.none;mail.none -/var/log/debug It appears that strcpy() is mangling lines that use continuation. Specifically line #2395 in the file "syslogd.c". Here's my `gdb' session. Breakpoint 1, init () at syslogd.c:2395 2395 strcpy(cline, p); (gdb) p cline $3 = 0x7fffffffae39 "\tauth,authpriv.none;\\\n" (gdb) p p $4 = 0x7fffffffae3a "auth,authpriv.none;\\\n" (gdb) n 2397 for (p = strchr(cline, '\0'); isspace(*--p);); (gdb) p cline $5 = 0x7fffffffae39 "auth,authpriv.oone;\\\n" (gdb) p p $6 = <value optimized out> It appears that "cline" and "p" are overlapping buffers. The strcpy() man page says they should not be. So as a test, I created this patch: > --- syslogd.c.0 2007-07-04 13:04:01.000000000 -0600 > +++ syslogd.c 2010-06-29 22:22:42.000000000 -0600 > @@ -2392,7 +2392,8 @@ > if (*p == '\0' || *p == '#') > continue; > #if CONT_LINE > - strcpy(cline, p); > + //strcpy(cline, p); > + memmove(cline, p, 40); > #endif > for (p = strchr(cline, '\0'); isspace(*--p);); > #if CONT_LINE That fixed it. My UP-based 32-bit system running stable doesn't exhibit this problem, but are running the same version of sysklog (1.5-5). That means to me that the problem is with libc6. The libc6 changelog shows June 24 2010 for an update, so the time frame seems about right. Maybe this bug should be filed against libc6? BTW, my workaround was to join continued lines into one. /dc. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
