From c8f154e173df57992cfa85475944a03b6d882f01 Mon Sep 17 00:00:00 2001 From: Sebastian Hahn Date: Tue, 23 Feb 2010 17:09:02 +0100 Subject: [PATCH] Proper NULL checking for hsdesc publication Fix a dereference-then-NULL-check sequence. This bug wasn't triggered in the wild, but we should fix it anyways in case it ever happens. Also make sure users get a note about this being a bug when they see it in their log. Thanks to ekir for discovering and reporting this bug. --- ChangeLog | 3 +++ src/or/rendcommon.c | 12 ++++++------ 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index ef866292f9..541d7808e3 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,9 @@ Changes in version 0.2.2.10-alpha - 2010-??-?? o Minor bugfixes: - Fix a memleak in the EXTENDCIRCUIT logic. Spotted by coverity. Bugfix on 0.2.2.9-alpha. + - Fix a dereference-then-NULL-check sequence when publishing + descriptors. Bugfix on tor-0.2.1.5-alpha. Discovered by ekir, + fixes bug 1255. Changes in version 0.2.2.9-alpha - 2010-02-22 o Directory authority changes: diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index e4dc5b3d3c..c42f834445 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -456,17 +456,17 @@ rend_encode_v2_descriptors(smartlist_t *descs_out, size_t ipos_len = 0, ipos_encrypted_len = 0; int k; uint32_t seconds_valid; - crypto_pk_env_t *service_key = auth_type == REND_STEALTH_AUTH ? - client_key : desc->pk; + crypto_pk_env_t *service_key; + if (!desc) { + log_warn(LD_BUG, "Could not encode v2 descriptor: No desc given."); + return -1; + } + service_key = (auth_type == REND_STEALTH_AUTH) ? client_key : desc->pk; tor_assert(service_key); if (auth_type == REND_STEALTH_AUTH) { descriptor_cookie = smartlist_get(client_cookies, 0); tor_assert(descriptor_cookie); } - if (!desc) { - log_warn(LD_REND, "Could not encode v2 descriptor: No desc given."); - return -1; - } /* Obtain service_id from public key. */ crypto_pk_get_digest(service_key, service_id); /* Calculate current time-period. */