Dear all,
We would like to share with you a patch we use for log4cxx in order to
prevent an exception being raised when a very long message is logged.
We found our system was sometimes misbehaving due to an exception being
raised by log4cxx when a very large message was logged - but only when
the SyslogAppender/SyslogWriter was in use (other appenders "worked"
perfectly).
We eventually traced the issue to the message(s) in question being too
large to fit inside a UDP packet (the syslog protocol uses UDP).
We didn't want to massively restructure our program logic to be able to
recover from rare logging errors e.g. by placing message length checking
code or exception handling code around every call to every trace
function which might ever need to log a long message (after all,
logging, although important & useful, is not the focus of our
application - and "massive" log messages are a rarity ).
We were particularly certain that this course of action best suited our
needs, given that the syslogappender wasn't the only appender in use and
the other appenders were capturing the entire message safely.
Therefore we felt it pragmatic to instead simply truncate messages that
are too long to be sent safely in a UDP packet just prior to sending
them.
The patch attached does just that - hopefully someone else will find it
useful!
I would suggest it might be worth rolling a similar patch into any
future log4cxx release - although I also accept that that is a
philosophical point - and others might actually prefer the current
behaviour (although, as discussed previously, it is not behaviour that
we can easily/safely live with in our current project)
Cheers,
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
--- /home/rhosyn/SVN/main/thirdparty/log4cxx/_build/app.32/app/apache-log4cxx-0.10.0/src/main/cpp/syslogwriter.cpp 2008-03-31 23:34:09.000000000 +0100
+++ /home/rhosyn/SVN/main/thirdparty/log4cxx/_build/app.host/app/apache-log4cxx-0.10.0/src/main/cpp/syslogwriter.cpp 2008-12-04 19:33:46.000000000 +0000
@@ -59,8 +59,13 @@
if (this->ds != 0 && this->address != 0) {
LOG4CXX_ENCODE_CHAR(data, source);
+ // We know we're sending this packet to a syslog server over UDP/IP.
+ // We also know that the maximum size of a udp packet is max_udp_packet_data_len
+ // - no point trying to send packets bigger than that; just truncate them.
+ // They'll probably be truncated further on arrival to syslogd too!
+ const size_t max_udp_packet_data_len = 65507;
DatagramPacketPtr packet(
- new DatagramPacket((void*) data.data(), data.length(),
+ new DatagramPacket((void*) data.data(), std::min (data.length(), max_udp_packet_data_len) ,
address, SYSLOG_PORT));
ds->send(packet);
