nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 21:23:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Ensure signing_key is non-NULL before accessing one of its members

Browse Source 
signing_key can be NULL in ed_key_init_from_file in routerkeys.c.
Discovered by clang 3.7 address sanitizer.

Fix on c03694938e, not in any released version of Tor.
This commit is contained in:
teor 2015-06-03 03:56:05 +10:00
parent e0477de0e2
commit 383a27afc5
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
changes/bug16115-signing-key-NULL-check Normal file
View File

@ -0,0 +1,6 @@
o Minor fixes (threads, comments):
- Ensure signing_key is non-NULL before accessing one of its members
signing_key can be NULL in ed_key_init_from_file in routerkeys.c.
Discovered by clang 3.7 address sanitizer.
Patch by "teor".
Fix on c03694938ed0, not in any released version of Tor.

3
src/or/routerkeys.c
View File

@ -152,7 +152,8 @@ ed_key_init_from_file(const char *fname, uint32_t flags,
ED25519_PUBKEY_LEN)) {
tor_log(severity, LD_OR, "Cert was for wrong key");
bad_cert = 1;
} else if (tor_cert_checksig(cert, &signing_key->pubkey, now) < 0 &&
} else if (signing_key &&
tor_cert_checksig(cert, &signing_key->pubkey, now) < 0 &&
(signing_key || cert->cert_expired)) {
tor_log(severity, LD_OR, "Can't check certificate");
bad_cert = 1;