From 16199a54a2b3f5ce94c6ca4248cbf44448ba95ae Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Mon, 17 Dec 2018 09:14:16 -0500 Subject: [PATCH] Check hostname before using it in send_resolved_hostname_cell() Also, turn an absent hostname into a BUG(), not a crash. Found by scan-build. Closes ticket 28879; bugfix on 0.1.2.7-alpha --- changes/ticket28879 | 5 +++++ src/feature/relay/dns.c | 5 ++++- 2 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 changes/ticket28879 diff --git a/changes/ticket28879 b/changes/ticket28879 new file mode 100644 index 0000000000..126420f6ca --- /dev/null +++ b/changes/ticket28879 @@ -0,0 +1,5 @@ + o Minor bugfixes (correctness): + - Fix an unreached code-path where we checked the value of "hostname" + inside send_resolved_hostnam_cell(). Previously, we used it before + checking it; now we check it first. Fixes bug 28879; bugfix on + 0.1.2.7-alpha. diff --git a/src/feature/relay/dns.c b/src/feature/relay/dns.c index bc507d47f6..cc213ff8d6 100644 --- a/src/feature/relay/dns.c +++ b/src/feature/relay/dns.c @@ -586,8 +586,11 @@ send_resolved_hostname_cell,(edge_connection_t *conn, char buf[RELAY_PAYLOAD_SIZE]; size_t buflen; uint32_t ttl; + + if (BUG(!hostname)) + return; + size_t namelen = strlen(hostname); - tor_assert(hostname); tor_assert(namelen < 256); ttl = dns_clip_ttl(conn->address_ttl);