Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 2 Dec 2011 01:06:33 +0000 (UTC)
From:      "David E. O'Brien" <obrien@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r228193 - head/lib/libc/gen
Message-ID:  <201112020106.pB216XCU069542@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: obrien
Date: Fri Dec  2 01:06:33 2011
New Revision: 228193
URL: http://svn.freebsd.org/changeset/base/228193

Log:
  Tweak the r137233 fix to r136283 -- Code was making two send() attempts
  vs. the comment documented "If we are working with a privileged socket,
  then take only one attempt".  Make the code match.
  
  Furthermore, critical privileged applications that [over] log a vast amount
  can look like a DoS to this code.  Given it's unlikely the single reattempted
  send() will succeeded, avoid usurping the scheduler in a library API for a
  single non-critical facility in critical applications.
  
  Obtained from:	Juniper Networks
  Discussed with:	glebius

Modified:
  head/lib/libc/gen/syslog.c

Modified: head/lib/libc/gen/syslog.c
==============================================================================
--- head/lib/libc/gen/syslog.c	Fri Dec  2 00:38:47 2011	(r228192)
+++ head/lib/libc/gen/syslog.c	Fri Dec  2 01:06:33 2011	(r228193)
@@ -265,7 +265,7 @@ vsyslog(int pri, const char *fmt, va_lis
 	 *  1) syslogd was restarted
 	 *  2) /var/run/log is out of socket buffer space, which
 	 *     in most cases means local DoS.
-	 * We attempt to reconnect to /var/run/log to take care of
+	 * We attempt to reconnect to /var/run/log[priv] to take care of
 	 * case #1 and keep send()ing data to cover case #2
 	 * to give syslogd a chance to empty its socket buffer.
 	 *
@@ -281,13 +281,13 @@ vsyslog(int pri, const char *fmt, va_lis
 			connectlog();
 		}
 		do {
+			if (status == CONNPRIV)
+				break;
 			_usleep(1);
 			if (send(LogFile, tbuf, cnt, 0) >= 0) {
 				THREAD_UNLOCK();
 				return;
 			}
-			if (status == CONNPRIV)
-				break;
 		} while (errno == ENOBUFS);
 	} else {
 		THREAD_UNLOCK();

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201112020106.pB216XCU069542>