From b4963da987f0b374a2bbfd866e1a36358b1e750f Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 9 Aug 2017 10:55:30 -0400 Subject: [PATCH] Treat a bad tor_spawn_background() as a BUG(). The contract is that, if may_spawn_background_process() is 0, you're not even allowed to try to spawn a process. --- src/common/util.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/common/util.c b/src/common/util.c index 18108fc242..eff678d6a4 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -4180,8 +4180,11 @@ tor_spawn_background(const char *const filename, const char **argv, process_environment_t *env, process_handle_t **process_handle_out) { - if (may_spawn_background_process == 0) + if (BUG(may_spawn_background_process == 0)) { + /* We should never reach this point if we're forbidden to spawn + * processes. Instead we should have caught the attempt earlier. */ return PROCESS_STATUS_ERROR; + } #ifdef _WIN32 HANDLE stdout_pipe_read = NULL;