From 331a6442021405ecc0704fc11adb42178c917e67 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Mon, 26 May 2008 15:49:32 +0200 Subject: protected gtls error string function by a mutex. Without it, we could have a race condition in extreme cases. This was very remote, but now can no longer happen. --- runtime/nsd_gtls.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'runtime/nsd_gtls.c') diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index aaa3159c..4f1a82e3 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -31,6 +31,7 @@ #include #include #include +#include #include "rsyslog.h" #include "syslogd-types.h" @@ -60,6 +61,8 @@ DEFobjCurrIf(nsd_ptcp) static int bGlblSrvrInitDone = 0; /**< 0 - server global init not yet done, 1 - already done */ +static pthread_mutex_t mutGtlsStrerror; /**< a mutex protecting the potentially non-reentrant gtlStrerror() function */ + /* a macro to check GnuTLS calls against unexpected errors */ #define CHKgnutls(x) \ if((gnuRet = (x)) != 0) { \ @@ -311,8 +314,9 @@ uchar *gtlsStrerror(int error) { uchar *pErr; - // TODO: guard by mutex! + pthread_mutex_lock(&mutGtlsStrerror); pErr = (uchar*) strdup(gnutls_strerror(error)); + pthread_mutex_unlock(&mutGtlsStrerror); return pErr; } @@ -1389,6 +1393,7 @@ BEGINmodExit CODESTARTmodExit nsdsel_gtlsClassExit(); nsd_gtlsClassExit(); + pthread_mutex_destroy(&mutGtlsStrerror); ENDmodExit @@ -1406,6 +1411,7 @@ CODESTARTmodInit CHKiRet(nsd_gtlsClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ CHKiRet(nsdsel_gtlsClassInit(pModInfo)); /* must be done after tcps_sess, as we use it */ + pthread_mutex_init(&mutGtlsStrerror, NULL); ENDmodInit /* vi:set ai: */ -- cgit v1.2.3