[tor-bugs] #16480 [Tor]: connection_write_to_buf: indirect recursion for CONN_TYPE_CONTROL
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jul 2 06:54:49 UTC 2015
#16480: connection_write_to_buf: indirect recursion for CONN_TYPE_CONTROL
-------------------------+---------------------
Reporter: cypherpunks | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Keywords: | Actual Points:
Parent ID: | Points:
-------------------------+---------------------
Call of `connection_write_to_buf` for CONN_TYPE_CONTROL allows immediate
flush of the outbuf. Then if code tries to log something and
`control_event_logmsg` is involved then it call of
`connection_write_to_buf` recursively. Consequence calls blocked by
`++disable_log_messages` only then.
Three ways to fix:
1. Remove ability for immediate flush of the outbuf by
`connection_write_to_buf`
2. Check `in_connection_handle_write` flag at start of
`connection_handle_write`
3. Guard call of `connection_handle_write` by `disable_control_logging`
and `enable_control_logging`
Every way have negative and positive impacts.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16480>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list