hs: Fix assert in hs_metrics_update_by_ident()

The hs_metrics_failed_rdv() macro could pass a NULL value for the identity key
when a building circuit would end up in a failure path *before* the "hs_ident"
was able to be set which leading to this assert.

This was introduced in 0.4.8.1-alpha with the addition of rendezvous circuit
failure metrics for the MetricsPort.

This fixes TROVE-2023-006 for which its severity is considered high.

Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit is contained in:
David Goulet 2023-11-07 13:50:28 -05:00
parent c7d8501da8
commit e62b8bce5a
2 changed files with 10 additions and 1 deletions

4
changes/ticket40883 Normal file
View File

@ -0,0 +1,4 @@
o Major bugfixes (onion service, TROVE-2023-006):
- Fix a possible hard assert on a NULL pointer when recording a failed
rendezvous circuit on the service side for the MetricsPort. Fixes bug
40883; bugfix on 0.4.8.1-alpha

View File

@ -199,7 +199,12 @@ hs_metrics_update_by_ident(const hs_metrics_key_t key,
{
hs_service_t *service;
tor_assert(ident_pk);
if (!ident_pk) {
/* We can end up here in case this is used from a failure/closing path for
* which we might not have any identity key attacehed to a circuit or
* connection yet. Simply don't assume we have one. */
return;
}
service = hs_service_find(ident_pk);
if (!service) {