[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] Untangle cleanup logic in test_hs_intropoint.c



commit 61a367cadd235dacf3cdc5543ba261dfee66f5d4
Author: Taylor Yu <catalyst@xxxxxxxxxxxxxx>
Date:   Thu May 11 12:55:18 2017 -0400

    Untangle cleanup logic in test_hs_intropoint.c
    
    Cleanup logic in test_intro_point_registration() invoked tt_assert()
    in a way that could cause it to jump backward into the cleanup code if
    the assertion failed, causing Coverity to see a double free (CID
    1397192).  Move the tt_assert() calls into a helper function having
    the well-defined task of testing hs_circuitmap_free_all().
    Fixes #22231.
---
 src/test/test_hs_intropoint.c | 27 +++++++++++++++++++--------
 1 file changed, 19 insertions(+), 8 deletions(-)

diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c
index ef5cb46..c619787 100644
--- a/src/test/test_hs_intropoint.c
+++ b/src/test/test_hs_intropoint.c
@@ -503,6 +503,24 @@ helper_establish_intro_v2(or_circuit_t *intro_circ)
   return key1;
 }
 
+/* Helper function: test circuitmap free_all function outside of
+ * test_intro_point_registration to prevent Coverity from seeing a
+ * double free if the assertion hypothetically fails.
+ */
+static void
+test_circuitmap_free_all(void)
+{
+  hs_circuitmap_ht *the_hs_circuitmap = NULL;
+
+  the_hs_circuitmap = get_hs_circuitmap();
+  tt_assert(the_hs_circuitmap);
+  hs_circuitmap_free_all();
+  the_hs_circuitmap = get_hs_circuitmap();
+  tt_assert(!the_hs_circuitmap);
+ done:
+  ;
+}
+
 /** Successfuly register a v2 intro point and a v3 intro point. Ensure that HS
  *  circuitmap is maintained properly. */
 static void
@@ -583,14 +601,7 @@ test_intro_point_registration(void *arg)
   circuit_free(TO_CIRCUIT(intro_circ));
   circuit_free(TO_CIRCUIT(legacy_intro_circ));
   trn_cell_establish_intro_free(establish_intro_cell);
-
-  { /* Test circuitmap free_all function. */
-    the_hs_circuitmap = get_hs_circuitmap();
-    tt_assert(the_hs_circuitmap);
-    hs_circuitmap_free_all();
-    the_hs_circuitmap = get_hs_circuitmap();
-    tt_assert(!the_hs_circuitmap);
-  }
+  test_circuitmap_free_all();
 
   UNMOCK(hs_intro_send_intro_established_cell);
 }



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits