[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] [tor/release-0.2.1] Do not send Libevent log messages to a controller (0.2.1 backport)



commit 668f7a2639faf59e5bc4f2615e61e0e768e0b26d
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Fri Nov 19 22:22:43 2010 -0500

    Do not send Libevent log messages to a controller (0.2.1 backport)
    
    Doing so could make Libevent call Libevent from inside a Libevent
    logging call, which is a recipe for reentrant confusion and
    hard-to-debug crashes.  This would especially hurt if Libevent
    debug-level logging is enabled AND the user has a controller
    watching for low-severity log messages.
    
    Fix bug 2190; fix on 0.1.0.2-rc.
---
 changes/bug2190  |    6 ++++++
 src/common/log.c |   14 +++++++++-----
 src/common/log.h |    4 ++++
 3 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/changes/bug2190 b/changes/bug2190
new file mode 100644
index 0000000..92ecba7
--- /dev/null
+++ b/changes/bug2190
@@ -0,0 +1,6 @@
+  o Minor bugfixes
+    - Prevent calls from Libevent from inside Libevent log handlers.
+      This had potential to cause a nasty set of crashes, especially if
+      running Libevent with debug logging enabled, and running Tor
+      with a controller watching for low-severity log messages.
+      Bugfix on 0.1.0.2-rc.  Fixes bug 2190.
diff --git a/src/common/log.c b/src/common/log.c
index 6baef8e..da55f4f 100644
--- a/src/common/log.c
+++ b/src/common/log.c
@@ -280,6 +280,10 @@ logv(int severity, log_domain_mask_t domain, const char *funcname,
       lf = lf->next;
       continue;
     }
+    if (lf->callback && (domain & LD_NOCB)) {
+      lf = lf->next;
+      continue;
+    }
     if (lf->seems_dead) {
       lf = lf->next;
       continue;
@@ -943,19 +947,19 @@ libevent_logging_callback(int severity, const char *msg)
   }
   switch (severity) {
     case _EVENT_LOG_DEBUG:
-      log(LOG_DEBUG, LD_NET, "Message from libevent: %s", buf);
+      log(LOG_DEBUG, LD_NOCB|LD_NET, "Message from libevent: %s", buf);
       break;
     case _EVENT_LOG_MSG:
-      log(LOG_INFO, LD_NET, "Message from libevent: %s", buf);
+      log(LOG_INFO, LD_NOCB|LD_NET, "Message from libevent: %s", buf);
       break;
     case _EVENT_LOG_WARN:
-      log(LOG_WARN, LD_GENERAL, "Warning from libevent: %s", buf);
+      log(LOG_WARN, LD_NOCB|LD_GENERAL, "Warning from libevent: %s", buf);
       break;
     case _EVENT_LOG_ERR:
-      log(LOG_ERR, LD_GENERAL, "Error from libevent: %s", buf);
+      log(LOG_ERR, LD_NOCB|LD_GENERAL, "Error from libevent: %s", buf);
       break;
     default:
-      log(LOG_WARN, LD_GENERAL, "Message [%d] from libevent: %s",
+      log(LOG_WARN, LD_NOCB|LD_GENERAL, "Message [%d] from libevent: %s",
           severity, buf);
       break;
   }
diff --git a/src/common/log.h b/src/common/log.h
index 6a45fc3..22b9e24 100644
--- a/src/common/log.h
+++ b/src/common/log.h
@@ -94,6 +94,10 @@
 /** Number of logging domains in the code. */
 #define N_LOGGING_DOMAINS 19
 
+/** This log message is not safe to send to a callback-based logger.
+ * Used as a flag, not a log domain. */
+#define LD_NOCB (1u<<31)
+
 typedef uint32_t log_domain_mask_t;
 
 /** Configures which severities are logged for each logging domain for a given