newsyslog(8) patch for both size and time checks

[Dmitry Morozovsky]

Dear colleagues,

for now, if log is configured to be rotated in time manner, its size is not 
checked, so /var/log may be DoSed by some service (in our case, it was mad DHCP 
client which fills up our /var/log with dhcpd log; our newsyslog.conf line was

/var/log/dhcpd				640  5     5000	@T00	JC

The following simple patch should fix the problem. Any objection to commit 
this?

Thanks.

Index: usr.sbin/newsyslog/newsyslog.c
===================================================================
RCS file: /home/ncvs/src/usr.sbin/newsyslog/newsyslog.c,v
retrieving revision 1.107.2.1
diff -u -r1.107.2.1 newsyslog.c
--- usr.sbin/newsyslog/newsyslog.c	8 Mar 2008 01:00:25 -0000	1.107.2.1
+++ usr.sbin/newsyslog/newsyslog.c	12 May 2009 09:48:00 -0000
@@ -466,7 +466,8 @@
 			printf("does not exist, skipped%s.\n", temp_reason);
 		}
 	} else {
-		if (ent->flags & CE_TRIMAT && !force && !rotatereq) {
+		if ((ent->trsize < 0 || ent->fsize < ent->trsize) && 
+		    ent->flags & CE_TRIMAT && !force && !rotatereq) {
 			diffsecs = ptimeget_diff(timenow, ent->trim_at);
 			if (diffsecs < 0.0) {
 				/* trim_at is some time in the future. */


-- 
Sincerely,
D.Marck                                     [DM5020, MCK-RIPE, DM3-RIPN]
[ FreeBSD committer:                                 marck at FreeBSD.org ]
------------------------------------------------------------------------
*** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck at rinet.ru ***
------------------------------------------------------------------------