[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r10052: Backport candidate: Add asserts to dirserv_remove_invalid, a (in tor/trunk: . src/or)

To: or-cvs@xxxxxxxxxxxxx
Subject: [or-cvs] r10052: Backport candidate: Add asserts to dirserv_remove_invalid, a (in tor/trunk: . src/or)
From: nickm@xxxxxxxx
Date: Mon, 30 Apr 2007 01:32:59 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: or-cvs-outgoing@seul.org
Delivered-to: or-cvs@seul.org
Delivery-date: Mon, 30 Apr 2007 01:33:07 -0400
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-cvs@xxxxxxxxxxxxx

Author: nickm
Date: 2007-04-30 01:32:57 -0400 (Mon, 30 Apr 2007)
New Revision: 10052

Modified:
   tor/trunk/
   tor/trunk/ChangeLog
   tor/trunk/src/or/dirserv.c
   tor/trunk/src/or/routerlist.c
Log:
 r12553@catbus:  nickm | 2007-04-30 01:32:54 -0400
 Backport candidate:  Add asserts to dirserv_remove_invalid, and fix a bug in dirserv_remove_invalid that could mess with pointers in a freed routerinfo right after it was freed.



Property changes on: tor/trunk
___________________________________________________________________
 svk:merge ticket from /tor/trunk [r12553] on 8246c3cf-6607-4228-993b-4d95d33730f1

Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog	2007-04-30 04:15:40 UTC (rev 10051)
+++ tor/trunk/ChangeLog	2007-04-30 05:32:57 UTC (rev 10052)
@@ -86,6 +86,9 @@
       we restart.
     - Correctly enforce that elements of directory objects do not appear
       more often than they are allowed to appear.
+    - Fix a bug in dirserv_remove_invalid() that would cause authorities to
+      corrupt memory under some really unlikely scenarios.
+    - Add even more asserts to hunt down bug 417.
 
   o Minor bugfixes (controller), reported by daejees:
     - Make 'getinfo fingerprint' return a 551 error if we're not a

Modified: tor/trunk/src/or/dirserv.c
===================================================================
--- tor/trunk/src/or/dirserv.c	2007-04-30 04:15:40 UTC (rev 10051)
+++ tor/trunk/src/or/dirserv.c	2007-04-30 05:32:57 UTC (rev 10052)
@@ -621,6 +621,8 @@
   int changed = 0;
   routerlist_t *rl = router_get_routerlist();
 
+  routerlist_assert_ok(rl);
+
   for (i = 0; i < smartlist_len(rl->routers); ++i) {
     const char *msg;
     routerinfo_t *ent = smartlist_get(rl->routers, i);
@@ -630,6 +632,7 @@
                ent->nickname, msg?msg:"");
       routerlist_remove(rl, ent, i--, 0);
       changed = 1;
+      continue;
     }
     if (bool_neq((r & FP_NAMED), ent->is_named)) {
       log_info(LD_DIRSERV,
@@ -653,6 +656,8 @@
   }
   if (changed)
     directory_set_dirty();
+
+  routerlist_assert_ok(rl);
 }
 
 /** Write a list of unregistered descriptors into a newly allocated

Modified: tor/trunk/src/or/routerlist.c
===================================================================
--- tor/trunk/src/or/routerlist.c	2007-04-30 04:15:40 UTC (rev 10051)
+++ tor/trunk/src/or/routerlist.c	2007-04-30 05:32:57 UTC (rev 10052)
@@ -4674,7 +4674,7 @@
   digestmap_iter_t *iter;
   routerinfo_t *r2;
   signed_descriptor_t *sd2;
-  if (!routerlist)
+  if (!rl);
     return;
   SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r,
   {

Prev by Author: [or-cvs] r10049: Avoid another exception when shutting down from torctl. (in torctl/trunk: . java/net/freehaven/tor/control)
Next by Author: [or-cvs] r10053: Oops; the rest of the last patch. If that one gets backporte (in tor/trunk: . src/or)
Previous by thread: [or-cvs] r10051: schedule proposal 110 to start in the 0.2.0 timeframe. perha (tor/trunk/doc)
Next by thread: [or-cvs] r10053: Oops; the rest of the last patch. If that one gets backporte (in tor/trunk: . src/or)
Index(es):
- Author
- Thread