From 496d91311ede807152fdcf87403c7b8ffbe14824 Mon Sep 17 00:00:00 2001
From: Alexandre Cassen <acassen@gmail.com>
Date: Thu, 26 Jul 2012 17:36:54 +0200
Subject: [PATCH] security: Fix exploitable issue in sighandler !

Do not call/use syslog in signal handler. It can be used in a way to execute
unauthorized code.
---
 keepalived/check/check_daemon.c |    3 ---
 keepalived/core/main.c          |    1 -
 keepalived/vrrp/vrrp_daemon.c   |    3 ---
 3 files changed, 7 deletions(-)

diff --git a/keepalived/check/check_daemon.c b/keepalived/check/check_daemon.c
index ea6c85d..fd1f6b2 100644
--- a/keepalived/check/check_daemon.c
+++ b/keepalived/check/check_daemon.c
@@ -138,8 +138,6 @@
 void
 sighup_check(void *v, int sig)
 {
-	log_message(LOG_INFO, "Reloading Healthchecker child process(%d) on signal",
-		    getpid());
 	thread_add_event(master, reload_check_thread, NULL, 0);
 }
 
@@ -147,7 +145,6 @@
 void
 sigend_check(void *v, int sig)
 {
-	log_message(LOG_INFO, "Terminating Healthchecker child process on signal");
 	if (master)
 		thread_add_terminate_event(master);
 }
diff --git a/keepalived/core/main.c b/keepalived/core/main.c
index c225bdf..c69696c 100644
--- a/keepalived/core/main.c
+++ b/keepalived/core/main.c
@@ -101,7 +101,6 @@
 	int status;
 
 	/* register the terminate thread */
-	log_message(LOG_INFO, "Terminating on signal");
 	thread_add_terminate_event(master);
 
 	if (vrrp_child > 0) {
diff --git a/keepalived/vrrp/vrrp_daemon.c b/keepalived/vrrp/vrrp_daemon.c
index 239291b..da1205b 100644
--- a/keepalived/vrrp/vrrp_daemon.c
+++ b/keepalived/vrrp/vrrp_daemon.c
@@ -153,8 +153,6 @@
 void
 sighup_vrrp(void *v, int sig)
 {
-	log_message(LOG_INFO, "Reloading VRRP child process(%d) on signal",
-		    getpid());
 	thread_add_event(master, reload_vrrp_thread, NULL, 0);
 }
 
@@ -162,7 +160,6 @@
 void
 sigend_vrrp(void *v, int sig)
 {
-	log_message(LOG_INFO, "Terminating VRRP child process on signal");
 	if (master)
 		thread_add_terminate_event(master);
 }
-- 
1.7.10