Removed test to detect control characters > 0x20 as this prevented

characters encoded in UTF-8 to be properly passed through.  This
prevented a security-related patch by Solar Designer (1.29).

References:
  Debian Bug#315605 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=315605>
  RedHat Bug#89292  <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=89292>

diff --git a/syslogd.c b/syslogd.c
index fb4cca2..9049446 100644 (file)
--- a/syslogd.c
+++ b/syslogd.c
@@ -417,12 +417,6 @@ static char sccsid[] = "@(#)syslogd.c      5.27 (Berkeley) 10/10/88";
  *     file is defined in the used libc and should not be hardcoded
  *     into the syslogd binary referring the system it was compiled on.
  *
- * Sun Sep 17 20:45:33 CEST 2000: Martin Schulze <joey@infodrom.ffis.de>
- *     Fixed some bugs in printline() code that did not escape
- *     control characters '\177' through '\237' and contained a
- *     single-byte buffer overflow.  Thanks to Solar Designer
- *     <solar@false.com>.
- *
  * Sun Sep 17 21:26:16 CEST 2000: Martin Schulze <joey@infodrom.ffis.de>
  *     Don't close open sockets upon reload.  Thanks to Bill
  *     Nottingham.
@@ -1494,16 +1488,11 @@ void printline(hname, msg)
        memset (line, 0, sizeof(line));
        q = line;
        while ((c = *p++) && q < &line[sizeof(line) - 4]) {
-               if (c == '\n')
+               if (c == '\n' || c == 127)
                        *q++ = ' ';
                else if (c < 040) {
                        *q++ = '^';
                        *q++ = c ^ 0100;
-               } else if (c == 0177 || (c & 0177) < 040) {
-                       *q++ = '\\';
-                       *q++ = '0' + ((c & 0300) >> 6);
-                       *q++ = '0' + ((c & 0070) >> 3);
-                       *q++ = '0' + (c & 0007);
                } else
                        *q++ = c;
        }