diff --git a/changes/bug2190 b/changes/bug2190 new file mode 100644 index 0000000000..92ecba7eb0 --- /dev/null +++ b/changes/bug2190 @@ -0,0 +1,6 @@ + o Minor bugfixes + - Prevent calls from Libevent from inside Libevent log handlers. + This had potential to cause a nasty set of crashes, especially if + running Libevent with debug logging enabled, and running Tor + with a controller watching for low-severity log messages. + Bugfix on 0.1.0.2-rc. Fixes bug 2190. diff --git a/src/common/log.c b/src/common/log.c index 6baef8e26c..da55f4fe0e 100644 --- a/src/common/log.c +++ b/src/common/log.c @@ -280,6 +280,10 @@ logv(int severity, log_domain_mask_t domain, const char *funcname, lf = lf->next; continue; } + if (lf->callback && (domain & LD_NOCB)) { + lf = lf->next; + continue; + } if (lf->seems_dead) { lf = lf->next; continue; @@ -943,19 +947,19 @@ libevent_logging_callback(int severity, const char *msg) } switch (severity) { case _EVENT_LOG_DEBUG: - log(LOG_DEBUG, LD_NET, "Message from libevent: %s", buf); + log(LOG_DEBUG, LD_NOCB|LD_NET, "Message from libevent: %s", buf); break; case _EVENT_LOG_MSG: - log(LOG_INFO, LD_NET, "Message from libevent: %s", buf); + log(LOG_INFO, LD_NOCB|LD_NET, "Message from libevent: %s", buf); break; case _EVENT_LOG_WARN: - log(LOG_WARN, LD_GENERAL, "Warning from libevent: %s", buf); + log(LOG_WARN, LD_NOCB|LD_GENERAL, "Warning from libevent: %s", buf); break; case _EVENT_LOG_ERR: - log(LOG_ERR, LD_GENERAL, "Error from libevent: %s", buf); + log(LOG_ERR, LD_NOCB|LD_GENERAL, "Error from libevent: %s", buf); break; default: - log(LOG_WARN, LD_GENERAL, "Message [%d] from libevent: %s", + log(LOG_WARN, LD_NOCB|LD_GENERAL, "Message [%d] from libevent: %s", severity, buf); break; } diff --git a/src/common/log.h b/src/common/log.h index 6a45fc3d0b..22b9e2474e 100644 --- a/src/common/log.h +++ b/src/common/log.h @@ -94,6 +94,10 @@ /** Number of logging domains in the code. */ #define N_LOGGING_DOMAINS 19 +/** This log message is not safe to send to a callback-based logger. + * Used as a flag, not a log domain. */ +#define LD_NOCB (1u<<31) + typedef uint32_t log_domain_mask_t; /** Configures which severities are logged for each logging domain for a given