diff options
| author | Jeremy Sowden <jeremy@azazel.net> | 2022-12-03 19:02:12 +0000 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2022-12-08 21:56:01 +0100 |
| commit | bda63ec0e99aaf591470ce2d23aa794d3d6c77ed (patch) | |
| tree | feaea4f0a42657700f9ffb81f868f26fa16622ab | |
| parent | 2ae7a3f96563c6cf3ea21445e7958314b6ca20fb (diff) | |
db: fix back-log capacity checks
Hitherto, when adding queries to the back-log, the memory usage has been
incremented and decremented by the size of the query structure and the
length of the SQL statement, `sizeof(struct db_stmt) + len`. However,
when checking whether there is available capacity to add a new query,
the struct size has been ignored. Amend the check to include the struct
size, and also account for the NULL that terminates the SQL.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | util/db.c | 11 |
1 files changed, 7 insertions, 4 deletions
@@ -404,14 +404,17 @@ static void __format_query_db(struct ulogd_pluginstance *upi, char *start) static int __add_to_backlog(struct ulogd_pluginstance *upi, const char *stmt, unsigned int len) { struct db_instance *di = (struct db_instance *) &upi->private; + unsigned int query_size; struct db_stmt *query; /* check if we are using backlog */ if (di->backlog_memcap == 0) return 0; + query_size = sizeof(*query) + len + 1; + /* check len against backlog */ - if (len + di->backlog_memusage > di->backlog_memcap) { + if (query_size + di->backlog_memcap - di->backlog_memusage) { if (di->backlog_full == 0) ulogd_log(ULOGD_ERROR, "Backlog is full starting to reject events.\n"); @@ -419,7 +422,7 @@ static int __add_to_backlog(struct ulogd_pluginstance *upi, const char *stmt, un return -1; } - query = malloc(sizeof(struct db_stmt)); + query = malloc(sizeof(*query)); if (query == NULL) return -1; @@ -431,7 +434,7 @@ static int __add_to_backlog(struct ulogd_pluginstance *upi, const char *stmt, un return -1; } - di->backlog_memusage += len + sizeof(struct db_stmt); + di->backlog_memusage += query_size; di->backlog_full = 0; llist_add_tail(&query->list, &di->backlog); @@ -489,7 +492,7 @@ static int __treat_backlog(struct ulogd_pluginstance *upi) di->driver->close_db(upi); return _init_reconnect(upi); } else { - di->backlog_memusage -= query->len + sizeof(struct db_stmt); + di->backlog_memusage -= sizeof(*query) + query->len + 1; llist_del(&query->list); free(query->stmt); free(query); |