NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

lib/47055: libc diagassert issues

>Number:         47055
>Category:       lib
>Synopsis:       libc diagassert issues
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    lib-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Oct 10 19:45:00 +0000 2012
>Originator:     David A. Holland
>Release:        NetBSD 6.99.12 (20121010)

There are two problems with libc diagassert:

(1) it calls syslog() blindly, so if an assertion happens in a program
that hasn't called openlog(), it ends up using uninitialized state in
syslog.c. The observable effect of this seems to be to issue syslog
messages with no hostname field; however, it could be (or become,
without much notice) a good deal worse.

(2) it isn't thread-safe. It frob a global variable (diagassert_flags)
without locking. It also should probably be using syslog_r() rather
than syslog().


Build kde4, look at the resulting syslog spam. Then review the code.


Probably needs discussion.

Home | Main Index | Thread Index | Old Index