From d4a74021e5ab9dbaf3bb27c0a52e1fd7f8f792ab Mon Sep 17 00:00:00 2001 From: teor Date: Fri, 20 Mar 2020 17:01:06 +1000 Subject: [PATCH] relay/dirauth: Set some output arguments in stubs And document how some functions set their output arguments. Fixes bug 33674; bugfix on 0.4.3.1-alpha. --- changes/bug33674 | 4 ++++ src/feature/dirauth/dirauth_config.h | 10 ++++++++-- src/feature/dirauth/dirvote.c | 24 ++++++++++++++++++++---- src/feature/dirauth/dirvote.h | 2 +- src/feature/dirauth/process_descs.c | 8 +++++--- src/feature/dirauth/process_descs.h | 11 ++++++----- src/feature/relay/relay_config.c | 7 ++++--- 7 files changed, 48 insertions(+), 18 deletions(-) create mode 100644 changes/bug33674 diff --git a/changes/bug33674 b/changes/bug33674 new file mode 100644 index 0000000000..bcc3fcab03 --- /dev/null +++ b/changes/bug33674 @@ -0,0 +1,4 @@ + o Minor bugfixes (--disable-module-relay,--disable-module-dirauth): + - Set some output arguments in the relay and dirauth module stubs, to + guard against future stub argument handling bugs like 33668. + Fixes bug 33674; bugfix on 0.4.3.1-alpha. diff --git a/src/feature/dirauth/dirauth_config.h b/src/feature/dirauth/dirauth_config.h index ede1207a83..9042ff8779 100644 --- a/src/feature/dirauth/dirauth_config.h +++ b/src/feature/dirauth/dirauth_config.h @@ -75,8 +75,14 @@ options_validate_dirauth_mode(const struct or_options_t *old_options, #define options_act_dirauth_mtbf(old_options) \ (((void)(old_options)),0) -#define options_act_dirauth_stats(old_options, print_notice_out) \ - (((void)(old_options)),((void)(print_notice_out)),0) +static inline int +options_act_dirauth_stats(const struct or_options_t *old_options, + bool *print_notice_out) +{ + (void)old_options; + *print_notice_out = 0; + return 0; +} #define dirauth_should_reject_requests_under_load() (false) diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c index 9490867e82..e230815ca3 100644 --- a/src/feature/dirauth/dirvote.c 
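Review bot: The new `options_act_dirauth_stats()` stub in dirauth_config.h writes `*print_notice_out = 0;` unconditionally, so it clears whatever the caller already stored in the flag and dereferences the pointer without a check. The macro it replaces left the flag untouched. If a caller passes the same flag through several stats functions (not visible in this hunk), a notice requested by an earlier call would be dropped when the dirauth module is disabled. Either document on the stub that it resets the flag and that callers must not rely on an earlier value, or keep the old behaviour with `(void)print_notice_out;`. If the write stays, `*print_notice_out = false;` reads better for a `bool`.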
+++ b/src/feature/dirauth/dirvote.c @@ -2527,9 +2527,12 @@ compute_consensus_package_lines(smartlist_t *votes) * any new signatures in src_voter_list that should be added to * target. (A signature should be added if we have no signature for that * voter in target yet, or if we have no verifiable signature and the - * new signature is verifiable.) Return the number of signatures added or - * changed, or -1 if the document signed by sigs isn't the same - * document as target. */ + * new signature is verifiable.) + * + * Return the number of signatures added or changed, or -1 if the document + * signatures are invalid. Sets *msg_out to a string constant + * describing the signature status. + */ STATIC int networkstatus_add_detached_signatures(networkstatus_t *target, ns_detached_signatures_t *sigs, @@ -3564,6 +3567,14 @@ dirvote_add_signatures_to_pending_consensus( return r; } +/** Helper: we just got the detached_signatures_body sent to us as + * signatures on the currently pending consensus. Add them to the pending + * consensus (if we have one). + * + * Set *msg to a string constant describing the status, regardless of + * success or failure. + * + * Return negative on failure, nonnegative on success. */ static int dirvote_add_signatures_to_all_pending_consensuses( const char *detached_signatures_body, @@ -3626,7 +3637,12 @@ dirvote_add_signatures_to_all_pending_consensuses( /** Helper: we just got the detached_signatures_body sent to us as * signatures on the currently pending consensus. Add them to the pending * consensus (if we have one); otherwise queue them until we have a - * consensus. Return negative on failure, nonnegative on success. */ + * consensus. + * + * Set *msg to a string constant describing the status, regardless of + * success or failure. + * + * Return negative on failure, nonnegative on success. */ int dirvote_add_signatures(const char *detached_signatures_body, const char *source, 
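Review bot: The comments added in dirvote.c say `*msg_out` / `*msg` is set to "a string constant" but do not state the ownership rule that follows from it, while the relay_config.c hunk in this same patch documents a `*msg` that is "a newly allocated string". With two conventions behind the same parameter name, a caller that frees the wrong one or forgets to free the other ends up with an invalid free or a leak. I would add one sentence to each comment, e.g. `The caller must not free or modify *msg_out.` here and in the process_descs.c comments, and `The caller must free *msg.` on `port_parse_ports_relay()`. The function bodies lie outside these hunks, so the comments are the only contract a reader of the diff can check.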
diff --git a/src/feature/dirauth/dirvote.h b/src/feature/dirauth/dirvote.h index f695e93abf..675f4ee148 100644 --- a/src/feature/dirauth/dirvote.h +++ b/src/feature/dirauth/dirvote.h @@ -162,7 +162,7 @@ dirvote_add_signatures(const char *detached_signatures_body, { (void) detached_signatures_body; (void) source; - (void) msg_out; + *msg_out = "No directory authority support"; /* If the dirauth module is disabled, this should NEVER be called else we * failed to safeguard the dirauth module. */ tor_assert_nonfatal_unreached(); diff --git a/src/feature/dirauth/process_descs.c b/src/feature/dirauth/process_descs.c index 5c918ca0b4..5025d0ae39 100644 --- a/src/feature/dirauth/process_descs.c +++ b/src/feature/dirauth/process_descs.c @@ -285,7 +285,7 @@ dirserv_load_fingerprint_file(void) * Return the appropriate router status. * * If the status is 'RTR_REJECT' and msg is provided, set - * *msg to an explanation of why. */ + * *msg to a string constant explaining why. */ uint32_t dirserv_router_get_status(const routerinfo_t *router, const char **msg, int severity) @@ -563,7 +563,8 @@ dirserv_router_has_valid_address(routerinfo_t *ri) /** Check whether we, as a directory server, want to accept ri. If so, * set its is_valid,running fields and return 0. Otherwise, return -1. * - * If the router is rejected, set *msg to an explanation of why. + * If the router is rejected, set *msg to a string constant explining + * why. * * If complain then explain at log-level 'notice' why we refused * a descriptor; else explain at log-level 'info'. @@ -729,7 +730,8 @@ dirserv_add_multiple_descriptors(const char *desc, size_t desclen, * That means the caller must not access ri after this function * returns, since it might have been freed. * - * Return the status of the operation. + * Return the status of the operation, and set *msg to a string + * constant describing the status. * * This function is only called when fresh descriptors are posted, not when * we re-load the cache. 
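Review bot: In the `dirvote_add_signatures()` stub, `*msg_out = "No directory authority support";` dereferences `msg_out` without a NULL check, where the line it replaces, `(void) msg_out;`, could not fault. The stubs for `dirserv_add_multiple_descriptors()`, `dirserv_add_descriptor()` and `authdir_wants_to_reject_router()` in process_descs.h do the same, while `dirserv_router_get_status()` guards with `if (msg)`. Whether any caller passes NULL is not visible here. Either use the guarded form everywhere, `if (msg_out) *msg_out = "No directory authority support";`, or document in the header that the pointer must be non-NULL. The stub body continues past the end of the hunk.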
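Review bot: The comment line added in the second process_descs.c hunk misspells "explaining": `set *msg to a string constant explining`. It should read `* If the router is rejected, set *msg to a string constant explaining`. The function this comment documents starts after the hunk ends (presumably `authdir_wants_to_reject_router()`, given the `complain` parameter it mentions), so only the comment text is reviewed here.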
diff --git a/src/feature/dirauth/process_descs.h b/src/feature/dirauth/process_descs.h index 9c13692778..1461ab697d 100644 --- a/src/feature/dirauth/process_descs.h +++ b/src/feature/dirauth/process_descs.h @@ -98,7 +98,7 @@ dirserv_add_multiple_descriptors(const char *desc, size_t desclen, (void)desclen; (void)purpose; (void)source; - (void)msg; + *msg = "No directory authority support"; return (enum was_router_added_t)0; } static inline enum was_router_added_t @@ -107,8 +107,8 @@ dirserv_add_descriptor(routerinfo_t *ri, const char *source) { (void)ri; - (void)msg; (void)source; + *msg = "No directory authority support"; return (enum was_router_added_t)0; } static inline int @@ -125,9 +125,9 @@ authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg, int *valid_out) { (void)ri; - (void)msg; (void)complain; - (void)valid_out; + *msg = "No directory authority support"; + *valid_out = 0; return 0; } static inline int @@ -143,8 +143,9 @@ dirserv_router_get_status(const routerinfo_t *router, int severity) { (void)router; - (void)msg; (void)severity; + if (msg) + *msg = "No directory authority support"; return 0; } static inline void diff --git a/src/feature/relay/relay_config.c b/src/feature/relay/relay_config.c index c8b40ae054..3e9961f47e 100644 --- a/src/feature/relay/relay_config.c +++ b/src/feature/relay/relay_config.c @@ -231,8 +231,8 @@ check_server_ports(const smartlist_t *ports, } /** Parse all relay ports from options. On success, add parsed ports to - * ports, and return 0. On failure, set *msg to a description - * of the problem and return -1. + * ports, and return 0. On failure, set *msg to a newly + * allocated string describing the problem, and return -1. **/ int port_parse_ports_relay(or_options_t *options, 
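Review bot: The `authdir_wants_to_reject_router()` stub now sets `*msg = "No directory authority support";` and `*valid_out = 0;` but still returns 0, which the process_descs.c comment in this patch describes as the "accept" result, with `*msg` set only when the router is rejected. A caller that keys on the return value sees success, while one that keys on `*msg` sees a failure string. The `dirserv_add_multiple_descriptors()`, `dirserv_add_descriptor()` and `dirserv_router_get_status()` stubs pair a zero return with a message in the same way. Changing the return values goes beyond this commit, so I would at least add a comment above each stub, e.g. `/* Stub: returns 0; *msg is informational only and does not signal rejection. */`. What `(enum was_router_added_t)0` means is not visible in these hunks.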
@@ -334,7 +334,8 @@ port_update_port_set_relay(or_options_t *options, * Legacy validation function, which checks that the current OS is usable in * relay mode, if options is set to a relay mode. * - * Warns about OSes with potential issues. Always returns 0. + * Warns about OSes with potential issues. Does not set *msg. + * Always returns 0. */ int options_validate_relay_os(const or_options_t *old_options,