diff --git a/CHANGES b/CHANGES index 511eadb926..693ea4fcd4 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,12 @@ +2.3-447 | 2015-02-23 16:28:30 -0800 + + * Fix potential crash in logging framework when deserializing + WriterInfo from remote. where config is present. Testcase crashes + on unpatched versions of Bro. (Aaron Eppert) + + * Fix wrong value test in WriterBackend. (Aaron Eppert) + 2.3-442 | 2015-02-23 13:29:30 -0800 * Add a "local_resp" field to conn.log, along the lines of the diff --git a/VERSION b/VERSION index b55001ad1b..e4a98f531b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.3-442 +2.3-447 diff --git a/src/logging/WriterBackend.cc b/src/logging/WriterBackend.cc index 35d3137c76..54eb501ccb 100644 --- a/src/logging/WriterBackend.cc +++ b/src/logging/WriterBackend.cc @@ -84,12 +84,12 @@ bool WriterBackend::WriterInfo::Read(SerializationFormat* fmt) config.clear(); - while ( size ) + while ( size-- ) { string value; string key; - if ( ! (fmt->Read(&value, "config-value") && fmt->Read(&value, "config-key")) ) + if ( ! (fmt->Read(&value, "config-value") && fmt->Read(&key, "config-key")) ) return false; config.insert(std::make_pair(copy_string(value.c_str()), copy_string(key.c_str()))); diff --git a/testing/btest/Baseline/scripts.base.frameworks.logging.remote-config/sender.test.failure.log b/testing/btest/Baseline/scripts.base.frameworks.logging.remote-config/sender.test.failure.log new file mode 100644 index 0000000000..41b8544db1 --- /dev/null +++ b/testing/btest/Baseline/scripts.base.frameworks.logging.remote-config/sender.test.failure.log @@ -0,0 +1,4 @@ +t id.orig_h id.orig_p id.resp_h id.resp_p status country +1424728450.994495 1.2.3.4 1234 2.3.4.5 80 failure US +1424728450.994495 1.2.3.4 1234 2.3.4.5 80 failure UK +1424728450.994495 1.2.3.4 1234 2.3.4.5 80 failure MX 
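Review bot: The count that drives `while ( size-- )` in WriterBackend::WriterInfo::Read is taken from the serialized stream, and nothing visible in this hunk validates it before the loop. The declaration of `size` is outside the hunk; if it is a signed type, a negative count from a remote peer is not rejected up front and the loop only stops once `fmt->Read` fails, so an explicit bound such as `if ( size < 0 ) return false;` before the loop, or `while ( size-- > 0 )`, would be safer. The local names are also inverted relative to their use: `value` is read first and becomes the map key in `std::make_pair`, and `key` becomes the mapped value. This presumably mirrors the order on the Write side (not shown) and deserves a comment such as `// first string read is the map key; the tag names are swapped for wire compatibility`. Finally, `config.insert` does not overwrite an existing entry, so a duplicate key in the stream would discard both `copy_string` results without storing them (a leak, assuming `copy_string` allocates); checking the `.second` of the insert result would let the function free them or return false.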
diff --git a/testing/btest/Baseline/scripts.base.frameworks.logging.remote-config/sender.test.log b/testing/btest/Baseline/scripts.base.frameworks.logging.remote-config/sender.test.log
new file mode 100644
index 0000000000..f84ccde80c
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.frameworks.logging.remote-config/sender.test.log
@@ -0,0 +1,14 @@
+#separator \x09
+#set_separator ,
+#empty_field (empty)
+#unset_field -
+#path test
+#open 2015-02-23-21-54-13
+#fields t id.orig_h id.orig_p id.resp_h id.resp_p status country
+#types time addr port addr port string string
+1424728450.994495 1.2.3.4 1234 2.3.4.5 80 success unknown
+1424728450.994495 1.2.3.4 1234 2.3.4.5 80 failure US
+1424728450.994495 1.2.3.4 1234 2.3.4.5 80 failure UK
+1424728450.994495 1.2.3.4 1234 2.3.4.5 80 success BR
+1424728450.994495 1.2.3.4 1234 2.3.4.5 80 failure MX
+#close 2015-02-23-21-54-13
diff --git a/testing/btest/Baseline/scripts.base.frameworks.logging.remote-config/sender.test.success.log b/testing/btest/Baseline/scripts.base.frameworks.logging.remote-config/sender.test.success.log
new file mode 100644
index 0000000000..35f497fd0d
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.frameworks.logging.remote-config/sender.test.success.log
@@ -0,0 +1,11 @@
+#separator \x09
+#set_separator ,
+#empty_field (empty)
+#unset_field -
+#path test.success
+#open 2015-02-23-21-54-13
+#fields t id.orig_h id.orig_p id.resp_h id.resp_p status country
+#types time addr port addr port string string
+1424728450.994495 1.2.3.4 1234 2.3.4.5 80 success unknown
+1424728450.994495 1.2.3.4 1234 2.3.4.5 80 success BR
+#close 2015-02-23-21-54-13
diff --git a/testing/btest/scripts/base/frameworks/logging/remote-config.bro b/testing/btest/scripts/base/frameworks/logging/remote-config.bro
new file mode 100644
index 0000000000..9fd94acc7d
--- /dev/null
+++ b/testing/btest/scripts/base/frameworks/logging/remote-config.bro
@@ -0,0 +1,94 @@
+# @TEST-SERIALIZE: comm
+#
+# @TEST-EXEC: btest-bg-run sender bro -b --pseudo-realtime %INPUT ../sender.bro
+# @TEST-EXEC: sleep 1
+# @TEST-EXEC: btest-bg-run receiver bro -b --pseudo-realtime %INPUT ../receiver.bro
+# @TEST-EXEC: sleep 1
+# @TEST-EXEC: btest-bg-wait 15
+# @TEST-EXEC: btest-diff sender/test.log
+# @TEST-EXEC: btest-diff sender/test.failure.log
+# @TEST-EXEC: btest-diff sender/test.success.log
+# @TEST-EXEC: ( cd sender && for i in *.log; do cat $i | $SCRIPTS/diff-remove-timestamps >c.$i; done )
+# @TEST-EXEC: ( cd receiver && for i in *.log; do cat $i | $SCRIPTS/diff-remove-timestamps >c.$i; done )
+# @TEST-EXEC: cmp receiver/c.test.log sender/c.test.log
+# @TEST-EXEC: cmp receiver/c.test.failure.log sender/c.test.failure.log
+# @TEST-EXEC: cmp receiver/c.test.success.log sender/c.test.success.log
+
+# This is the common part loaded by both sender and receiver.
+module Test;
+
+export {
+ # Create a new ID for our log stream
+ redef enum Log::ID += { LOG };
+
+ # Define a record with all the columns the log file can have.
+ # (I'm using a subset of fields from ssh-ext for demonstration.)
+ type Log: record {
+ t: time;
+ id: conn_id; # Will be rolled out into individual columns.
+ status: string &optional;
+ country: string &default="unknown";
+ } &log;
+}
+
+event bro_init()
+{
+ Log::create_stream(Test::LOG, [$columns=Log]);
+ Log::add_filter(Test::LOG, [$name="f1", $path="test.success", $pred=function(rec: Log): bool { return rec$status == "success"; }]);
+}
+
+#####
+
+@TEST-START-FILE sender.bro
+
+@load frameworks/communication/listen
+
+module Test;
+
+function fail(rec: Log): bool
+ {
+ return rec$status != "success";
+ }
+
+event remote_connection_handshake_done(p: event_peer)
+ {
+ local config: table[string] of string;
+ config["tsv"] = "T";
+ Log::add_filter(Test::LOG, [$name="f2", $path="test.failure", $pred=fail, $config=config]);
+
+ local cid = [$orig_h=1.2.3.4, $orig_p=1234/tcp, $resp_h=2.3.4.5, $resp_p=80/tcp];
+
+ local r: Log = [$t=network_time(), $id=cid, $status="success"];
+
+ # Log something.
+ Log::write(Test::LOG, r);
+ Log::write(Test::LOG, [$t=network_time(), $id=cid, $status="failure", $country="US"]);
+ Log::write(Test::LOG, [$t=network_time(), $id=cid, $status="failure", $country="UK"]);
+ Log::write(Test::LOG, [$t=network_time(), $id=cid, $status="success", $country="BR"]);
+ Log::write(Test::LOG, [$t=network_time(), $id=cid, $status="failure", $country="MX"]);
+ disconnect(p);
+ }
+
+event remote_connection_closed(p: event_peer)
+ {
+ terminate();
+ }
+
+@TEST-END-FILE
+
+@TEST-START-FILE receiver.bro
+
+#####
+
+@load base/frameworks/communication
+
+redef Communication::nodes += {
+ ["foo"] = [$host = 127.0.0.1, $connect=T, $request_logs=T]
+};
+
+event remote_connection_closed(p: event_peer)
+ {
+ terminate();
+ }
+
+@TEST-END-FILE
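Review bot: The sender's `config` table holds a single entry (`config["tsv"] = "T"`), so the receiver-side deserialization loop is only exercised for one key/value pair. A second entry whose effect shows up in the compared log output would also cover the multi-pair path and confirm that keys and values are paired correctly. Start-up ordering relies on `sleep 1` between the two `btest-bg-run` lines, which is timing-dependent on a loaded test host. The file would also benefit from a header comment stating what it guards against, e.g. `# Regression test: remote logging of a filter that carries a $config table.`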