View | Details | Raw Unified | Return to bug 194751
Collapse All | Expand All

(-)syslog.c (-8 / +20 lines)
Lines 262-285 Link Here
262
262
263
	/*
263
	/*
264
	 * If the send() failed, there are two likely scenarios: 
264
	 * If the send() fails, there are two likely scenarios: 
265
	 *  1) syslogd was restarted
265
	 *  1) syslogd was restarted
266
	 *  2) /var/run/log is out of socket buffer space, which
266
	 *  2) /var/run/log is out of socket buffer space, which
267
	 *     in most cases means local DoS.
267
	 *     in most cases means local DoS.
268
	 * We attempt to reconnect to /var/run/log[priv] to take care of
268
	 * If the error does not indicate a full buffer, we address
269
	 * case #1 and keep send()ing data to cover case #2
269
	 * case #1 by attempting to reconnect to /var/run/log[priv]
270
	 * to give syslogd a chance to empty its socket buffer.
270
	 * and resending the message once.
271
	 *
271
	 *
272
	 * If we are working with a priveleged socket, then take
272
	 * If we are working with a privileged socket, the retry
273
	 * only one attempt, because we don't want to freeze a
273
	 * attempts end there, because we don't want to freeze a
274
	 * critical application like su(1) or sshd(8).
274
	 * critical application like su(1) or sshd(8).
275
	 *
275
	 *
276
	 * Otherwise, we address case #2 by repeatedly retrying the
277
	 * send() to give syslogd a chance to empty its socket buffer.
278
	 *
276
	 */
279
	 */
277
280
278
	if (send(LogFile, tbuf, cnt, 0) < 0) {
281
	if (send(LogFile, tbuf, cnt, 0) < 0) {
279
		if (errno != ENOBUFS) {
282
		if (errno != ENOBUFS) {
283
			/* scenario 1: syslogd was restarted */
284
			/* reconnect and resend once */
280
			disconnectlog();
285
			disconnectlog();
281
			connectlog();
286
			connectlog();
287
			if (send(LogFile, tbuf, cnt, 0) >= 0) {
288
				THREAD_UNLOCK();
289
				return;
290
			}
291
			/* if the resend failed, fall through to possible scenario 2 */
282
		}
292
		}
283
		do {
293
		while (errno == ENOBUFS) {
294
			/* scenario 2: out of socket buffer space */
295
			/* possible DoS, fail fast on a privileged socket */
284
			if (status == CONNPRIV)
296
			if (status == CONNPRIV)
285
				break;
297
				break;
Lines 289-293 Link Here
289
				return;
301
				return;
290
			}
302
			}
291
		} while (errno == ENOBUFS);
303
		};
292
	} else {
304
	} else {
293
		THREAD_UNLOCK();
305
		THREAD_UNLOCK();

Return to bug 194751