[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] [tor/maint-0.2.1 2/4] Proper NULL checking for hsdesc publication

To: or-cvs@xxxxxxxxxxxxx
Subject: [or-cvs] [tor/maint-0.2.1 2/4] Proper NULL checking for hsdesc publication
From: nickm@xxxxxxxxxxxxxx
Date: Sat, 27 Feb 2010 20:27:04 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-cvs-outgoing@xxxxxxxx
Delivered-to: or-cvs@xxxxxxxx
Delivery-date: Sat, 27 Feb 2010 15:27:16 -0500
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-cvs@xxxxxxxxxxxxx

Author: Sebastian Hahn <sebastian@xxxxxxxxxxxxxx>
Date: Tue, 23 Feb 2010 17:09:02 +0100
Subject: Proper NULL checking for hsdesc publication
Commit: f36c36f4a881d15d2187efbc59becb5195d0bf09

Fix a dereference-then-NULL-check sequence. This bug wasn't triggered
in the wild, but we should fix it anyways in case it ever happens.
Also make sure users get a note about this being a bug when they
see it in their log.

Thanks to ekir for discovering and reporting this bug.
---
 ChangeLog           |    4 ++++
 src/or/rendcommon.c |   12 ++++++------
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 24b0cc6..525a00b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,10 @@ Changes in version 0.2.1.25 - 2010-??-??
     - When freeing a cipher, zero it out completely. We only zeroed
       the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered
       and patched by ekir. Fixes bug 1254.
+  o Minor bugfixes:
+    - Fix a dereference-then-NULL-check sequence when publishing
+      descriptors. Bugfix on tor-0.2.1.5-alpha. Discovered by ekir,
+      fixes bug 1255.
 
 Changes in version 0.2.1.24 - 2010-02-21
   Tor 0.2.1.24 makes Tor work again on the latest OS X -- this time
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index d21eb42..a625900 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -451,17 +451,17 @@ rend_encode_v2_descriptors(smartlist_t *descs_out,
   size_t ipos_len = 0, ipos_encrypted_len = 0;
   int k;
   uint32_t seconds_valid;
-  crypto_pk_env_t *service_key = auth_type == REND_STEALTH_AUTH ?
-                                 client_key : desc->pk;
+  crypto_pk_env_t *service_key;
+  if (!desc) {
+    log_warn(LD_BUG, "Could not encode v2 descriptor: No desc given.");
+    return -1;
+  }
+  service_key = (auth_type == REND_STEALTH_AUTH) ? client_key : desc->pk;
   tor_assert(service_key);
   if (auth_type == REND_STEALTH_AUTH) {
     descriptor_cookie = smartlist_get(client_cookies, 0);
     tor_assert(descriptor_cookie);
   }
-  if (!desc) {
-    log_warn(LD_REND, "Could not encode v2 descriptor: No desc given.");
-    return -1;
-  }
   /* Obtain service_id from public key. */
   crypto_pk_get_digest(service_key, service_id);
   /* Calculate current time-period. */
-- 
1.6.5

Prev by Author: [or-cvs] [tor/master] Don't segfault when checking the consensus
Next by Author: [or-cvs] [tor/maint-0.2.1 3/4] Proper NULL checking in circuit_list_path_impl()
Previous by thread: [or-cvs] r21760: {projects} add new commit to branch backports, add note about merging t (projects/todo)
Next by thread: [or-cvs] [tor/maint-0.2.1 1/4] Zero a cipher completely before freeing it
Index(es):
- Author
- Thread