Bug #116
libprelude modifies argv value which causes SIGHUP to malfunction
Start date:
Due date:
% Done:
0%
Resolution:
fixed
Description
Problems¶
Sighup hander does not function properly because libprelude (prelude-option.c) modifies argv values. The details are as follow:- parse_argument() called reorder_argv() which removes option values from argv.
- It causes sighup handler functions in prelude-manager (preldue-manager-0.9.1/src/prelude-manager.c:restart_manager()) and prelude-lml (prelude-lml-0.9.1/src/prelude-lml.c:handle_sighup_if_needed()) to malfunction.
- When the program is started, the global_argv, which is the value after parse_argument(), is assigned. Therefore, when SIGHUP is received, both prelude-manager and prelude-lml will not be executed with the same parameters when they first started.
- Example:
- Executing prelude-lml with these parameters "prelude-lml --text-output lml-alert.log"
- After receiving SIGHUP, prelude-lml is executed with the parameters "prelude-lml lml-alert.log" (--text-output is removed by reorder_argv() function)
Solutions¶
1. Do not call reorder_argv in libprelude/src/prelude-option.c or
2. Make a copy of argv in prelude-lml and prelude-manager and pass the copy to execvp() instead of global_argv
History
#1 Updated by Yoann VANDOORSELAERE over 17 years ago
- Status changed from New to Assigned
#2 Updated by Yoann VANDOORSELAERE over 17 years ago
Experimental patch attached. Could you please try and report whether it break things or solve your issues with existing Prelude module ?
#3 Updated by Yoann VANDOORSELAERE over 17 years ago
- Status changed from Assigned to Closed
- Resolution set to fixed
Fixed in r7562
#4 Updated by Yoann VANDOORSELAERE about 14 years ago
- Project changed from PRELUDE SIEM to Libprelude
- Category deleted (
1) - Target version deleted (
0.9.2)