[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/maint-0.2.5] In routerlist_assert_ok(), check r2 before taking &(r2->cache_info)
commit 3c2c6a61163cd6a42cc0eeee9fc43200b9f08503
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Wed Sep 10 23:46:20 2014 -0400
In routerlist_assert_ok(), check r2 before taking &(r2->cache_info)
Technically, we're not allowed to take the address of a member can't
exist relative to the null pointer. That makes me wonder how any sane
compliant system implements the offsetof macro, but let's let sleeping
balrogs lie.
Fixes 13096; patch on 0.1.1.9-alpha; patch from "teor", who was using
clang -fsanitize=undefined-trap -fsanitize-undefined-trap-on-error -ftrapv
---
changes/bug13096 | 4 ++++
src/or/routerlist.c | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/changes/bug13096 b/changes/bug13096
new file mode 100644
index 0000000..521faaf
--- /dev/null
+++ b/changes/bug13096
@@ -0,0 +1,4 @@
+ o Minor bugfixes (conformance):
+ - In routerlist_assert_ok(), don't take the address of a routerinfo's
+ cache_info member unless that routerinfo is non-NULL. Fixes bug
+ 13096; bugfix on 0.1.1.9-alpha. Patch by "teor".
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index b5e9245..32cbe19 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -4938,7 +4938,7 @@ routerlist_assert_ok(const routerlist_t *rl)
} SMARTLIST_FOREACH_END(r);
SMARTLIST_FOREACH_BEGIN(rl->old_routers, signed_descriptor_t *, sd) {
r2 = rimap_get(rl->identity_map, sd->identity_digest);
- tor_assert(sd != &(r2->cache_info));
+ tor_assert(!r2 || sd != &(r2->cache_info));
sd2 = sdmap_get(rl->desc_digest_map, sd->signed_descriptor_digest);
tor_assert(sd == sd2);
tor_assert(sd->routerlist_index == sd_sl_idx);
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits