File rsyslog-3.18.3-imudp-discard-msg-DoS.bnc457273.dif of Package rsyslog

--- plugins/imudp/imudp.c
+++ plugins/imudp/imudp.c	2008/12/15 13:43:31
@@ -49,6 +49,10 @@
 DEFobjCurrIf(errmsg)
 DEFobjCurrIf(net)
 
+static time_t ttLastDiscard = 0;	/* timestamp when a message from a non-permitted sender was last discarded
+					 * This shall prevent remote DoS when the "discard on disallowed sender"
+					 * message is configured to be logged on occurance of such a case.
+					 */
 static int *udpLstnSocks = NULL;	/* Internet datagram sockets, first element is nbr of elements
 					 * read-only after init(), but beware of restart! */
 static uchar *pszBindAddr = NULL;	/* IP to bind socket to */
@@ -196,8 +200,15 @@
 						       } else {
 							       dbgprintf("%s is not an allowed sender\n", (char*)fromHostFQDN);
 							       if(option_DisallowWarning) {
-								       errmsg.LogError(NO_ERRCODE, "UDP message from disallowed sender %s discarded",
+									time_t tt;
+
+									time(&tt);
+									if(tt > ttLastDiscard + 60) {
+										ttLastDiscard = tt;
+										errmsg.LogError(NO_ERRCODE,
+										"UDP message from disallowed sender %s discarded",
 										  (char*)fromHost);
+									}
 							       }	
 						       }
 					       }