Bug 241937 - syslogd truncates logged messages to 480 bytes
Summary: syslogd truncates logged messages to 480 bytes
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: standards (show other bugs)
Version: 11.3-RELEASE
Hardware: Any Any
: --- Affects Many People
Assignee: Mark Johnston
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-11-13 06:22 UTC by Kurt Jaeger
Modified: 2021-05-14 13:57 UTC (History)
6 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Kurt Jaeger freebsd_committer 2019-11-13 06:22:10 UTC
A change to bring syslogd into RFC5426 land *enforces* a max. length of 480 characters, while the RFC clearly states:

3.2.  Message Size

[...]
   IPv4 syslog receivers MUST be able to receive datagrams with message
   sizes up to and including 480 octets.  IPv6 syslog receivers MUST be
   able to receive datagrams with message sizes up to and including 1180
   octets.  All syslog receivers SHOULD be able to receive datagrams
   with message sizes of up to and including 2048 octets.  The ability
   to receive larger messages is encouraged.

So, please, issue a fix for this. The size the implementation must
minimaly support should not be the size the implementation can maximally support.

See also:
https://reviews.freebsd.org/D15011
https://lists.freebsd.org/pipermail/freebsd-stable/2019-November/091695.html
Comment 1 Scott Aitken 2019-11-18 12:05:56 UTC
Hi Kurt,

this bugs affects everyone - is there any value in updating it?  I can't change it myself.

Scott
Comment 2 Patrik Hildingsson 2020-09-22 21:38:07 UTC
This bug is still in 12.1-RELEASE and is causing lots of confusion. 

Using -O bsd/rfc3164 should not truncate outbound IPv4/IPv6 syslog messages, while issuing syslogd with -O syslog/rfc5424 should truncate outbound IPv4 messages at 480 octets and IPv6 messages at 1180 octets.

By reading syslogd.c it is clear that the truncating of message happens regardless of which option was set.

I would appreciate it very much if someone with better knowledge than I could propose a patch.
Comment 3 Patrik Hildingsson 2020-10-19 06:51:10 UTC
To further pinpoint the issue, the error occurs while relaying syslog from one UDP source to a UDP destination. Other variants have not been tested by me.
Comment 4 commit-hook freebsd_committer 2021-03-23 16:53:15 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=2d82b47a5b4ef18550565dd55628d51f54d0af2e

commit 2d82b47a5b4ef18550565dd55628d51f54d0af2e
Author:     Dmitry Wagin <dmitry.wagin@ya.ru>
AuthorDate: 2021-03-23 16:15:28 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-03-23 16:49:58 +0000

    syslogd: Increase message size limits

    Add a -M option to control the maximum length of forwarded messages.
    syslogd(8) used to truncate forwarded messages to 1024 bytes, but after
    commit 1a874a126a54 ("Add RFC 5424 syslog message output to syslogd.")
    applies a more conservative limit of 480 bytes for IPv4 per RFC 5426
    section 3.2.  Restore the old default behaviour of truncating to 1024
    bytes.  RFC 5424 specifies no upper limit on the length of forwarded
    messages, while for RFC 3164 the limit is 1024 bytes.

    Increase MAXLINE to 8192 bytes to correspond to commit 672ef817a192.

    Replaced bootfile[] size for MAXPATHLEN used in getbootfile(3) as a
    returned value. Using (MAXLINE+1) as a size for bootfile[] is excessive.

    PR:             241937
    MFC after:      1 month
    Differential Revision:  https://reviews.freebsd.org/D27206

 usr.sbin/syslogd/syslogd.8 |  6 ++++++
 usr.sbin/syslogd/syslogd.c | 33 +++++++++++++++++++++------------
 2 files changed, 27 insertions(+), 12 deletions(-)
Comment 5 Boris Korzun 2021-05-14 11:28:53 UTC
What about MFC?
Comment 6 Mark Johnston freebsd_committer 2021-05-14 13:57:51 UTC
(In reply to Boris Korzun from comment #5)
Done, thanks for the reminder.

I believe the issue is resolved, please re-open if you disagree.
Comment 7 commit-hook freebsd_committer 2021-05-14 13:57:57 UTC
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=55b6c85e0c25ff6cb6e6529cad53abdd6cfae835

commit 55b6c85e0c25ff6cb6e6529cad53abdd6cfae835
Author:     Dmitry Wagin <dmitry.wagin@ya.ru>
AuthorDate: 2021-03-23 16:15:28 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2021-05-14 13:56:17 +0000

    syslogd: Increase message size limits

    Add a -M option to control the maximum length of forwarded messages.
    syslogd(8) used to truncate forwarded messages to 1024 bytes, but after
    commit 1a874a126a54 ("Add RFC 5424 syslog message output to syslogd.")
    applies a more conservative limit of 480 bytes for IPv4 per RFC 5426
    section 3.2.  Restore the old default behaviour of truncating to 1024
    bytes.  RFC 5424 specifies no upper limit on the length of forwarded
    messages, while for RFC 3164 the limit is 1024 bytes.

    Increase MAXLINE to 8192 bytes to correspond to commit 672ef817a192.

    Replaced bootfile[] size for MAXPATHLEN used in getbootfile(3) as a
    returned value. Using (MAXLINE+1) as a size for bootfile[] is excessive.

    PR:             241937
    Differential Revision:  https://reviews.freebsd.org/D27206

    (cherry picked from commit 2d82b47a5b4ef18550565dd55628d51f54d0af2e)

 usr.sbin/syslogd/syslogd.8 |  6 ++++++
 usr.sbin/syslogd/syslogd.c | 33 +++++++++++++++++++++------------
 2 files changed, 27 insertions(+), 12 deletions(-)