Skip to content

Syslog escape forbidden characters#12079

Merged
sergepetrenko merged 4 commits intotarantool:masterfrom
Serpentian:gh-12006-syslog-escape-chars
Dec 4, 2025
Merged

Syslog escape forbidden characters#12079
sergepetrenko merged 4 commits intotarantool:masterfrom
Serpentian:gh-12006-syslog-escape-chars

Conversation

@Serpentian
Copy link
Contributor

@Serpentian Serpentian commented Nov 26, 2025

Closes #12006

@Serpentian Serpentian self-assigned this Nov 26, 2025
@Serpentian Serpentian force-pushed the gh-12006-syslog-escape-chars branch 3 times, most recently from d6d906b to 7b627ef Compare November 26, 2025 15:31
@Serpentian Serpentian marked this pull request as ready for review November 26, 2025 15:49
@Serpentian Serpentian requested a review from a team as a code owner November 26, 2025 15:49
@Serpentian Serpentian requested a review from locker November 26, 2025 15:49
@Serpentian Serpentian assigned locker and unassigned Serpentian Nov 26, 2025
@coveralls
Copy link

coveralls commented Nov 26, 2025
edited
Loading

Coverage Status

coverage: 87.637% (+0.03%) from 87.607%
when pulling fbd589e on Serpentian:gh-12006-syslog-escape-chars
into fa4a0db
on tarantool:master.

locker
locker reviewed Nov 27, 2025
View reviewed changes
@locker locker assigned Serpentian and unassigned locker Nov 27, 2025
@Serpentian Serpentian assigned locker and unassigned Serpentian Nov 27, 2025
@locker locker assigned Serpentian and unassigned locker Nov 27, 2025
@Serpentian Serpentian removed their assignment Nov 27, 2025
sergepetrenko
sergepetrenko reviewed Dec 2, 2025
View reviewed changes
Copy link
Collaborator

@sergepetrenko sergepetrenko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the patch!

@Serpentian Serpentian force-pushed the gh-12006-syslog-escape-chars branch from 7b627ef to b83ee49 Compare December 2, 2025 14:14
sergepetrenko
sergepetrenko approved these changes Dec 2, 2025
View reviewed changes
Copy link
Collaborator

@sergepetrenko sergepetrenko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@sergepetrenko sergepetrenko added the full-ci Enables all tests for a pull request label Dec 2, 2025
@Serpentian Serpentian force-pushed the gh-12006-syslog-escape-chars branch from b83ee49 to b5c799d Compare December 3, 2025 11:33
@Serpentian Serpentian force-pushed the gh-12006-syslog-escape-chars branch from b5c799d to d60c721 Compare December 3, 2025 14:51
@Serpentian Serpentian added fuzzing and removed fuzzing labels Dec 3, 2025
@Serpentian Serpentian force-pushed the gh-12006-syslog-escape-chars branch 5 times, most recently from 5d1a219 to eb404c2 Compare December 3, 2025 16:42
@Serpentian
util: refactor json escape functions for different escaping
6fcc092 
This commit renames `json_escape` and `json_escape_inplace` to have more
general name and allows passing escape function to them as an argument,
so that the subsequent commits could introduce another type of string
escaping, which will be used to make the syslog messages comply with RFC
3164.

Needed for tarantool#12006

NO_TEST=refactoring
NO_CHANGELOG=refactoring
NO_DOC=refactoring
@Serpentian
say: escape characters when syslog is used for plain format
c76f7b8 
This commit makes logger escape prohibited characters in plain format,
to make Tarantool's syslog logging comply with RFC 3164, which states:

> The MSG part of the syslog packet MUST contain visible (printing)
  characters. The code set traditionally and most often used has also
  been seven-bit ASCII in an eight-bit field like that used in the PRI
  and HEADER parts. In this code set, the only allowable characters
  are the ABNF VCHAR values (%d33-126) and spaces (SP value %d32) 1.

It's implemented with inplace escaping for the sake of code simplicity.

Part of tarantool#12006

NO_DOC=later
NO_CHANGELOG=later
@Serpentian
say: escape characters when syslog is used in JSON format
577b8e8 
This commit makes logger escape prohibited characters in JSON format,
to make Tarantool's syslog logging comply with RFC 3164, which states:

> The MSG part of the syslog packet MUST contain visible (printing)
  characters. The code set traditionally and most often used has also
  been seven-bit ASCII in an eight-bit field like that used in the PRI
  and HEADER parts. In this code set, the only allowable characters
  are the ABNF VCHAR values (%d33 - 126) and spaces (SP value %d32) 1.

Simple `json_escape_inplace` in the end cannot be used for json
escaping, as it was done for plain format, since it'll corrupt the
structure of the message and it won't be possible to decode it after
that.

Closes tarantool#12006

@TarantoolBot document
Title: Document the RFC 3164 syslog format compliance
Since: 3.6.1

Documents:
  * https://www.tarantool.io/en/doc/latest/reference/configuration/configuration_reference/#audit-log-syslog
  * https://www.tarantool.io/en/doc/latest/admin/logs/#log-destination
  * https://www.tarantool.io/en/doc/latest/reference/reference_lua/log/
  * https://www.tarantool.io/en/doc/latest/reference/configuration/#confval-log

The syslog format is compliant with
[RFC 3164](https://www.rfc-editor.org/rfc/rfc3164.html). However, the
length of the message can be up to 16 * 1024 bytes.
@Serpentian
say: remove mentioning of the RFC 5424 from comments
fbd589e 
The RFC 5424 expects the syslog message header to be formatted as:

> <165>1 2003-10-11T22:14:15.003Z mymachine.example.com
  evntslog - ID47 [exampleSDID@32473 iut="3" eventSource=
  "Application" eventID="1011"] BOMAn application
  event log entry...

Our syslog message header doesn't comply with it, users should configure
syslog parser according to RFC 3164, so let's remove mention of another
one from the comments.

Follow-up tarantool#12006

NO_DOC=comment
NO_TEST=comment
NO_CHANGELOG=comment
@Serpentian Serpentian force-pushed the gh-12006-syslog-escape-chars branch from eb404c2 to fbd589e Compare December 4, 2025 09:39
@Serpentian
Copy link
Contributor Author

Serpentian commented Dec 4, 2025

Made some minor adjustments:

  1. In the first commit str_escape and str_escape_inplace became static, checkpatch requested comments for them, so they're also added for these functions.

  2. Moved fix of the str_make_expected from the third commit to the second one, where it was introduced. The same applies to the fix of the test/box-luatest/gh_7860_syslog_json_test.lua, since it became broken in the second commit, not in the third one.

@sergepetrenko sergepetrenko merged commit 88ce4e6 into tarantool:master Dec 4, 2025
62 of 63 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@locker locker locker approved these changes

@sergepetrenko sergepetrenko sergepetrenko approved these changes

@xuniq xuniq xuniq approved these changes

Assignees

@sergepetrenko sergepetrenko

Labels

full-ci Enables all tests for a pull request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Escape forbidden characters in log messages, when syslog is used

5 participants

@Serpentian @coveralls @locker @sergepetrenko @xuniq