diff options
author | Nick Mathewson <nickm@torproject.org> | 2017-11-20 10:14:41 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2017-11-20 10:14:41 -0500 |
commit | c8ee12b2e8108658d647aedb92885311291b6f71 (patch) | |
tree | 2eda7ca2934e51e156971582e4d14da827e663a1 /src/or | |
parent | cabcb752d7ecc2d16e6cb630b3de0684b4f97ec5 (diff) | |
download | tor-c8ee12b2e8108658d647aedb92885311291b6f71.tar.gz tor-c8ee12b2e8108658d647aedb92885311291b6f71.zip |
Recover better from empty/invalid storagedir files
If we can't read a file because of an FS issue, we say "we can't
read that" and move on. But if we can't read it because it's empty,
because it has no labels, or because its labels are misformatted, we
should remove it.
Fixes bug 24099; bugfix on 0.3.1.1-alpha.
Diffstat (limited to 'src/or')
-rw-r--r-- | src/or/conscache.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/src/or/conscache.c b/src/or/conscache.c index 9e13ce8e43..4919dba3d2 100644 --- a/src/or/conscache.c +++ b/src/or/conscache.c @@ -539,9 +539,16 @@ consensus_cache_rescan(consensus_cache_t *cache) map = storage_dir_map_labeled(cache->dir, fname, &labels, &body, &bodylen); if (! map) { - /* Can't load this; continue */ - log_warn(LD_FS, "Unable to map file %s from consensus cache: %s", - escaped(fname), strerror(errno)); + if (errno == ERANGE || errno == EINVAL) { + log_warn(LD_FS, "Found %s file %s in consensus cache; removing it.", + errno == ERANGE ? "empty" : "misformatted", + escaped(fname)); + storage_dir_remove_file(cache->dir, fname); + } else { + /* Can't load this; continue */ + log_warn(LD_FS, "Unable to map file %s from consensus cache: %s", + escaped(fname), strerror(errno)); + } continue; } consensus_cache_entry_t *ent = |