git: 690427066047 - main - syslogd: Fix ereregex property filters and add test
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 29 Mar 2026 03:44:04 UTC
The branch main has been updated by ngie:
URL: https://cgit.FreeBSD.org/src/commit/?id=69042706604752f42072f422671a72c49343ac45
commit 69042706604752f42072f422671a72c49343ac45
Author: tzyt <zyt2006613@outlook.com>
AuthorDate: 2026-03-22 08:40:57 +0000
Commit: Enji Cooper <ngie@FreeBSD.org>
CommitDate: 2026-03-29 03:43:42 +0000
syslogd: Fix ereregex property filters and add test
This change fixes Bug 293879, where ereregex filters in syslogd
did not handle alternation correctly.
The issue appears to come from mixing up two different kinds of
flags: syslogd's internal serialized filter flags in
usr.sbin/syslogd/syslogd.h, and the regex compilation flags from
include/regex.h. ereregex was storing REG_EXTENDED in cmp_flags,
even though cmp_flags is meant to carry syslogd's own FILT_FLAG_*
values for configuration serialization and reconstruction.
REG_EXTENDED has the same bit value as FILT_FLAG_EXCLUDE, so the
filter could be reconstructed with the wrong semantics.
The fix stores FILT_FLAG_EXTENDED instead, allowing syslogd to
correctly REG_EXTENDED when compiling the regex.
A test was also added for both ereregex and !ereregex filters.
PR: 293879
Signed-off-by: tzyt <zyt2006613@outlook.com>
Fixes: 2567168dc4986
MFC after: 1 week
Reviewed-by: markj, ngie
Pull-Request: https://github.com/freebsd/freebsd-src/pull/2088
---
usr.sbin/syslogd/syslogd.c | 2 +-
usr.sbin/syslogd/tests/syslogd_test.sh | 22 ++++++++++++++++++++++
2 files changed, 23 insertions(+), 1 deletion(-)
diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c
index dcc74b1a93c1..59cb56fd5970 100644
--- a/usr.sbin/syslogd/syslogd.c
+++ b/usr.sbin/syslogd/syslogd.c
@@ -2820,7 +2820,7 @@ prop_filter_compile(const char *cfilter)
pfilter.cmp_type = FILT_CMP_REGEX;
else if (strcasecmp(argv[1], "ereregex") == 0) {
pfilter.cmp_type = FILT_CMP_REGEX;
- pfilter.cmp_flags |= REG_EXTENDED;
+ pfilter.cmp_flags |= FILT_FLAG_EXTENDED;
} else {
dprintf("unknown cmp function");
goto error;
diff --git a/usr.sbin/syslogd/tests/syslogd_test.sh b/usr.sbin/syslogd/tests/syslogd_test.sh
index 1f235c476c49..253a26258959 100644
--- a/usr.sbin/syslogd/tests/syslogd_test.sh
+++ b/usr.sbin/syslogd/tests/syslogd_test.sh
@@ -238,6 +238,28 @@ prop_filter_body()
syslogd_check_log_nomatch "prop1: FreeBSD"
syslogd_check_log_nomatch "prop2: freebsd"
syslogd_check_log "prop3: Solaris"
+
+ printf ":msg,ereregex,\"substring1|substring2\"\nuser.debug\t${SYSLOGD_LOGFILE}\n" \
+ > "${SYSLOGD_CONFIG}"
+ syslogd_reload
+
+ syslogd_log -p user.debug -t "prop1" -h "${SYSLOGD_LOCAL_SOCKET}" "substring1"
+ syslogd_check_log "prop1: substring1"
+ syslogd_log -p user.debug -t "prop2" -h "${SYSLOGD_LOCAL_SOCKET}" "substring2"
+ syslogd_check_log "prop2: substring2"
+ syslogd_log -p user.debug -t "prop3" -h "${SYSLOGD_LOCAL_SOCKET}" "substring3"
+ syslogd_check_log_nomatch "prop3: substring3"
+
+ printf ":msg,!ereregex,\"substring1|substring2\"\nuser.debug\t${SYSLOGD_LOGFILE}\n" \
+ > "${SYSLOGD_CONFIG}"
+ syslogd_reload
+
+ syslogd_log -p user.debug -t "prop1" -h "${SYSLOGD_LOCAL_SOCKET}" "substring1"
+ syslogd_check_log_nomatch "prop1: substring1"
+ syslogd_log -p user.debug -t "prop2" -h "${SYSLOGD_LOCAL_SOCKET}" "substring2"
+ syslogd_check_log_nomatch "prop2: substring2"
+ syslogd_log -p user.debug -t "prop3" -h "${SYSLOGD_LOCAL_SOCKET}" "substring3"
+ syslogd_check_log "prop3: substring3"
}
prop_filter_cleanup()
{