ulogd: ignore private data on plugin stop

When deciding whether to call the stop hook of a plugin instance, only
two things are relevant: If the plugin actually has a stop hook defined,
and if the plugin instance is still used in a different stack. The
private data of a plugin instance is opaque to ulogd, so its size or
content are irrelevant to the stop-hook decision. And in the same vein
should ulogd never write to it.

The one-null-byte write could previously lead to an out-of-bounds write
on plugins with a stop hook and zero-size private data.

Signed-off-by: Corubba Smith <corubba@gmx.de>
Signed-off-by: Florian Westphal <fw@strlen.de>

1 files changed, 1 insertions, 3 deletions

diff --git a/src/ulogd.c b/src/ulogd.c
index 6c5ff9a..9a0060d 100644
--- a/src/ulogd.c
+++ b/src/ulogd.c
@@ -1327,12 +1327,10 @@ static void stop_pluginstances()
 
 	llist_for_each_entry(stack, &ulogd_pi_stacks, stack_list) {
 		llist_for_each_entry_safe(pi, npi, &stack->list, list) {
-			if ((pi->plugin->priv_size > 0 || *pi->plugin->stop) &&
-			    pluginstance_stop(pi)) {
+			if (*pi->plugin->stop && pluginstance_stop(pi)) {
 				ulogd_log(ULOGD_DEBUG, "calling stop for %s\n",
 					  pi->plugin->name);
 				(*pi->plugin->stop)(pi);
-				pi->private[0] = 0;
 			}
 
 			/* NB: plugin->stop() might access other plugin instances,