View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0032243||mantisbt||plug-ins||public||2023-03-25 14:36||2023-04-11 19:07|
|Target Version||2.25.7||Fixed in Version||2.25.7|
|Summary||0032243: EVENT_LOG can produce stack overflow when LOG_DATABASE is enabled|
If a plugin hooks into EVENT_LOG event and writes to the database, then that would trigger LOG_DATABASE which would trigger EVENT_LOG, and so on.
Ideally, we don't protect this on the plugin level (e.g. EventLog plugin), but protect against this issue in the plugin API.
|Steps To Reproduce|
|Tags||No tags attached.|
Infinite recursion loop could occur not only for LOG_DATABASE, but also for any other logging event type triggered by a plugin hooked on EVENT_LOG.
Probably the same issue previously reported at https://github.com/mantisbt-plugins/EventLog/issues/3
I had a quick look at this over lunch break, and I think the problem could be avoided by not calling the EVENT_LOG event if we are already processing it.
Proposed fix https://github.com/mantisbt/mantisbt/pull/1877
MantisBT: master-2.25 b5259af0
|Prevent recursion when signaling EVENT_LOG event
If a plugin hooked on EVENT_LOG calls log_event() directly or indirectly
and the log level settings include the level for the event being logged,
MantisBT enters in an endless recursion loop.
Using a static variable to prevent recursion if EVENT_LOG has already
been signaled prevents this.
|mod - core/logging_api.php||Diff File|