From 373f5d38e3c8fbc4bc466312c659974d31a68ac4 Mon Sep 17 00:00:00 2001

From: Jakub Filak <jfilak@redhat.com>

Date: Wed, 30 Sep 2015 12:17:47 +0200

Subject: [PATCH] conf: introduce DebugLevel

ABRT should ignore problems caused by ABRT tools if DebugLevel == 0.

DebugLevel is set to 0 by default.

Related to CVE-2015-5287

Related: #1262252

Signed-off-by: Jakub Filak <jfilak@redhat.com>

---

 doc/abrt.conf.txt     |  8 ++++++++

 src/daemon/abrt.conf  |  8 ++++++++

 src/include/libabrt.h |  2 ++

 src/lib/abrt_conf.c   | 14 ++++++++++++++

 4 files changed, 32 insertions(+)

diff --git a/doc/abrt.conf.txt b/doc/abrt.conf.txt

index d782e3d..7ef78f0 100644

--- a/doc/abrt.conf.txt

+++ b/doc/abrt.conf.txt

@@ -36,6 +36,14 @@ DeleteUploaded = 'yes/no'::

    or not.

    The default value is 'no'.

+DebugLevel = '0-100':

+   Allows ABRT tools to detect problems in ABRT itself. By increasing the value

+   you can force ABRT to detect, process and report problems in ABRT. You have

+   to bare in mind that ABRT might fall into an infinite loop when handling

+   problems caused by itself.

+   The default is 0 (non debug mode).

+

+

 SEE ALSO

 --------

 abrtd(8)

diff --git a/src/daemon/abrt.conf b/src/daemon/abrt.conf

index 2a83f8e..24df20b 100644

--- a/src/daemon/abrt.conf

+++ b/src/daemon/abrt.conf

@@ -51,3 +51,11 @@ AutoreportingEnabled = no

 #  THE PROBLEM DATA CONTAINS EXCERPTS OF /var/log/messages, dmesg AND sosreport

 #  data GENERATED BY abrtd UNDER THE USER root.

 PrivateReports = yes

+

+# Allows ABRT tools to detect problems in ABRT itself. By increasing the value

+# you can force ABRT to detect, process and report problems in ABRT. You have

+# to bare in mind that ABRT might fall into an infinite loop when handling

+# problems caused by itself.

+# The default is 0 (non debug mode).

+#

+# DebugLevel = 0

diff --git a/src/include/libabrt.h b/src/include/libabrt.h

index 3b17a64..21ce440 100644

--- a/src/include/libabrt.h

+++ b/src/include/libabrt.h

@@ -70,6 +70,8 @@ extern char *        g_settings_autoreporting_event;

 extern bool          g_settings_shortenedreporting;

 #define g_settings_privatereports abrt_g_settings_privatereports

 extern bool          g_settings_privatereports;

+#define g_settings_debug_level abrt_g_settings_debug_level

+extern unsigned int  g_settings_debug_level;

 #define load_abrt_conf abrt_load_abrt_conf

diff --git a/src/lib/abrt_conf.c b/src/lib/abrt_conf.c

index c6aba58..4a49032 100644

--- a/src/lib/abrt_conf.c

+++ b/src/lib/abrt_conf.c

@@ -28,6 +28,7 @@ bool          g_settings_autoreporting = 0;

 char *        g_settings_autoreporting_event = NULL;

 bool          g_settings_shortenedreporting = 0;

 bool          g_settings_privatereports = true;

+unsigned int  g_settings_debug_level = 0;

 void free_abrt_conf_data()

 {

@@ -110,6 +111,19 @@ static void ParseCommon(map_string_t *settings, const char *conf_filename)

         remove_map_string_item(settings, "PrivateReports");

     }

+    value = get_map_string_item_or_NULL(settings, "DebugLevel");

+    if (value)

+    {

+        char *end;

+        errno = 0;

+        unsigned long ul = strtoul(value, &end, 10);

+        if (errno || end == value || *end != '\0' || ul > INT_MAX)

+            error_msg("Error parsing %s setting: '%s'", "DebugLevel", value);

+        else

+            g_settings_debug_level = ul;

+        remove_map_string_item(settings, "DebugLevel");

+    }

+

     GHashTableIter iter;

     const char *name;

     /*char *value; - already declared */

-- 

1.8.3.1