CVE-2021-46879: pack-gelf: fix OSS-Fuzz issue 5076752961110016 by DavidKorczynski · Pull Request #3100 · fluent/fluent-bit
An issue was discovered in Treasure Data Fluent Bit 1.7.1: a wrong variable is used to get the msgpack data, resulting in a heap overflow in flb_msgpack_gelf_value_ext. An attacker can craft a malicious file and trick the victim into opening the file with the software, triggering a heap overflow and executing arbitrary code on the target system.
Signed-off-by: davkor [email protected]
This solves an issue in parsing an msgpack-c object related to gelf data. The main problem is that a wrong variable is used to get the msgpack data, and this results in various bugs, amongst other things a heap overflow in flb_msgpack_gelf_value_ext (OSS-Fuzz issue 5076752961110016).
@edsiper please verify this one, i.e. that we need to use v instead of o. v is the variable used in all other places for getting the val and val_len variables.
Enter [N/A] in the box, if an item is not applicable to your change.
Testing
Before we can approve your change, please submit the following in a comment:
- [N/A] Example configuration file for the change
- [N/A] Debug log output from testing the change
- [N/A] Attached Valgrind output that shows no leaks or memory corruption was found
Documentation
- [N/A] Documentation required for this feature
Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.
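
The bug class described in this pull request, as an added example that is not Fluent Bit's or msgpack-c's code: a constructed tagged-union model in which `val` and `val_len` are read only after the type tag is checked, so passing the wrong variable fails closed instead of reinterpreting another union member as a pointer and a length. The `obj` types, `get_ext` and `ext_to_hex` are hypothetical names, and the example assumes `o` is the enclosing map and `v` the entry's value.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a tagged msgpack-style object; not msgpack-c's headers. */
typedef enum { OBJ_MAP, OBJ_EXT } obj_type;
struct obj;
typedef struct { uint32_t size; const struct obj *vals; } obj_map;
typedef struct { uint32_t size; const char *ptr; } obj_ext;
typedef struct obj {
    obj_type type;
    union { obj_map map; obj_ext ext; } via;
} obj;

/* Fetch val/val_len only if x really is an ext object. Reading via.ext from
 * a map would reinterpret the map's fields as a data pointer and a length. */
static int get_ext(const obj *x, const char **val, uint32_t *val_len)
{
    if (x == NULL || x->type != OBJ_EXT) return -1;
    *val = x->via.ext.ptr;
    *val_len = x->via.ext.size;
    return 0;
}

/* Hex-encode an ext payload into out (cap bytes); -1 if it does not fit. */
static int ext_to_hex(const obj *x, char *out, size_t cap)
{
    static const char hex[] = "0123456789abcdef";
    const char *val; uint32_t val_len, i;
    if (get_ext(x, &val, &val_len) != 0) return -1;     /* wrong object type */
    if ((size_t)val_len * 2 + 1 > cap) return -1;       /* output bound */
    for (i = 0; i < val_len; i++) {
        out[2 * i]     = hex[(unsigned char)val[i] >> 4];
        out[2 * i + 1] = hex[(unsigned char)val[i] & 0x0f];
    }
    out[2 * val_len] = '\0';
    return (int)(2 * val_len);
}

/* Constructed sample: map o with one entry whose value v is a 3-byte ext. */
static const obj sample_v = { OBJ_EXT, { .ext = { 3, "\x01\xab\xff" } } };
static const obj sample_o = { OBJ_MAP, { .map = { 1, &sample_v } } };

int main(void)
{
    char buf[16];
    printf("o (map): %d\n", ext_to_hex(&sample_o, buf, sizeof buf));
    printf("v (ext): %d %s\n", ext_to_hex(&sample_v, buf, sizeof buf), buf);
    return 0;
}
```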