fix parsing of syslog priority (GH #264)

...the code

* first looks for '<' and advances to the next character,
* it looks for a number between 0 and 9 and advances to the next
  character, (it finds 7)
* it looks for '>' and advances to the next character,
* it looks for a number between 0 and 9 and advances to the next
  character, (it finds the '2' of '2010')

=> result: prio is 72 instead of 7.

The code that checks if the character is '>' should be outside the loop
that checks if the character is a number. The attached patch moves this
check.

diff --git a/print-syslog.c b/print-syslog.c
index 3685d62042a09d57334c36f532f0df839be45114..7fb0c22568c248b6a9e622f56797a07b0044cccd 100644 (file)
--- a/print-syslog.c
+++ b/print-syslog.c
@@ -116,9 +116,9 @@ syslog_print(register const u_char *pptr, register u_int len)
             if (!TTEST2(*(pptr+msg_off), 1))
                 goto trunc;
 
+        }
         if (*(pptr+msg_off) == '>')
             msg_off++;
-        }
     } else {
         printf("[|syslog]");
         return;

diff --git a/tests/syslog-v.out b/tests/syslog-v.out
index 8249cae5b13be7897b88794f83f470f44720e59b..5ebed29ff8bfa5d16fe5db698e408a3f32420ac1 100644 (file)
--- a/tests/syslog-v.out
+++ b/tests/syslog-v.out
@@ -12,5 +12,5 @@ IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 107)
        Msg: 2013-09-12T19:16:34.457849+04:00 localhost through rsyslog: test message 23
 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 106)
     10.0.0.20.52693 > 10.0.0.71.514: SYSLOG, length: 78
-       Facility ftp (11), Severity warning (4)
-       Msg: 013-09-12T19:16:43.513746+04:00 localhost through rsyslog: test message 24
+       Facility user (1), Severity alert (1)
+       Msg: 2013-09-12T19:16:43.513746+04:00 localhost through rsyslog: test message 24