From c35cac10ecbdb3a067841a9f4528c02b875a0cb0 Mon Sep 17 00:00:00 2001 From: obrien Date: Fri, 2 Dec 2011 01:06:33 +0000 Subject: Tweak the r137233 fix to r136283 -- Code was making two send() attempts vs. the comment documented "If we are working with a privileged socket, then take only one attempt". Make the code match. Furthermore, critical privileged applications that [over] log a vast amount can look like a DoS to this code. Given it's unlikely the single reattempted send() will succeeded, avoid usurping the scheduler in a library API for a single non-critical facility in critical applications. Obtained from: Juniper Networks Discussed with: glebius --- lib/libc/gen/syslog.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'lib/libc') diff --git a/lib/libc/gen/syslog.c b/lib/libc/gen/syslog.c index 6f04703..de438c4 100644 --- a/lib/libc/gen/syslog.c +++ b/lib/libc/gen/syslog.c @@ -265,7 +265,7 @@ vsyslog(int pri, const char *fmt, va_list ap) * 1) syslogd was restarted * 2) /var/run/log is out of socket buffer space, which * in most cases means local DoS. - * We attempt to reconnect to /var/run/log to take care of + * We attempt to reconnect to /var/run/log[priv] to take care of * case #1 and keep send()ing data to cover case #2 * to give syslogd a chance to empty its socket buffer. * @@ -281,13 +281,13 @@ vsyslog(int pri, const char *fmt, va_list ap) connectlog(); } do { + if (status == CONNPRIV) + break; _usleep(1); if (send(LogFile, tbuf, cnt, 0) >= 0) { THREAD_UNLOCK(); return; } - if (status == CONNPRIV) - break; } while (errno == ENOBUFS); } else { THREAD_UNLOCK(); -- cgit v1.1