Re: /bzr/squid3/trunk/ r12048: Bug 3490: Crash writing Referer/Username logs from Amos Jeffries on 2012-02-20 (squid-dev)

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 21 Feb 2012 11:09:24 +1300

On 21.02.2012 07:01, Alex Rousskov wrote:
> On 02/20/2012 01:56 AM, Amos Jeffries wrote:
>> ------------------------------------------------------------
>> revno: 12048
>> message:
>> Bug 3490: Crash writing Referer/Username logs
>> modified:
>> src/log/FormatSquidReferer.cc
>> src/log/FormatSquidUseragent.cc
>
>> + // do not log unless there is something to be displayed.
>> + if (!al || !al->request)
>> + return;
>> +
>> const char *agent = al->request->header.getStr(HDR_USER_AGENT);
>>
>> // do not log unless there is something to be displayed.
>> if (!agent || *agent == '\0')
>
>
> I know this and the Log::Format::SquidReferer changes fix a bug and
> there is already code that disables logging if agent or referrer are
> absent, but I have to note that the "log nothing" approach itself is
> flawed because it leads to malformed log entries at best and hides
> potentially critical entries at worst, as documented by Squid r11337:
>
>> Log all transactions including those with uncertain status or no
>> sent response.
>>
>> Excluding those transactions from access log hides valuable
>> information.
>>
>> For example, it hides certain aborted client transactions which
>> sometimes
>> indicate Squid bugs or configuration problems that the administrator
>> can fix.
>> It also leads to wrong statistics reporting if the reporting tools
>> are based
>> on access logs information.
>
>
> The correct behavior, IMO, is to log dashes for any information that
> is
> unavailable, even if no information is available for all entries
> (which
> is probably never true for formats that include current time).
>
>
> Thank you,
>
> Alex.

This was retained as 2.x behaviour. I'm open for changing that
behaviour. But we need to consider how to handle error cases like
completely missing request data more deeply before that happens. Since
there is no error field and logging an empty entry effectively marks
that a HTTP request *was* made with no referrer, possibly when no HTTP
request was made at all, or when parsing died before reaching the
referrer this would have logged.

Amos
Received on Mon Feb 20 2012 - 22:09:28 MST

This archive was generated by hypermail 2.2.0 : Tue Feb 21 2012 - 12:00:09 MST