From f36c36f4a881d15d2187efbc59becb5195d0bf09 Mon Sep 17 00:00:00 2001 From: Sebastian Hahn Date: Tue, 23 Feb 2010 17:09:02 +0100 Subject: [PATCH] Proper NULL checking for hsdesc publication Fix a dereference-then-NULL-check sequence. This bug wasn't triggered in the wild, but we should fix it anyways in case it ever happens. Also make sure users get a note about this being a bug when they see it in their log. Thanks to ekir for discovering and reporting this bug. --- ChangeLog | 4 ++++ src/or/rendcommon.c | 12 ++++++------ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index 24b0cc6d1a..525a00b378 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,10 @@ Changes in version 0.2.1.25 - 2010-??-?? - When freeing a cipher, zero it out completely. We only zeroed the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered and patched by ekir. Fixes bug 1254. + o Minor bugfixes: + - Fix a dereference-then-NULL-check sequence when publishing + descriptors. Bugfix on tor-0.2.1.5-alpha. Discovered by ekir, + fixes bug 1255. Changes in version 0.2.1.24 - 2010-02-21 Tor 0.2.1.24 makes Tor work again on the latest OS X -- this time diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index d21eb42efe..a625900cdf 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -451,17 +451,17 @@ rend_encode_v2_descriptors(smartlist_t *descs_out, size_t ipos_len = 0, ipos_encrypted_len = 0; int k; uint32_t seconds_valid; - crypto_pk_env_t *service_key = auth_type == REND_STEALTH_AUTH ? - client_key : desc->pk; + crypto_pk_env_t *service_key; + if (!desc) { + log_warn(LD_BUG, "Could not encode v2 descriptor: No desc given."); + return -1; + } + service_key = (auth_type == REND_STEALTH_AUTH) ? client_key : desc->pk; tor_assert(service_key); if (auth_type == REND_STEALTH_AUTH) { descriptor_cookie = smartlist_get(client_cookies, 0); tor_assert(descriptor_cookie); } - if (!desc) { - log_warn(LD_REND, "Could not encode v2 descriptor: No desc given."); - return -1; - } /* Obtain service_id from public key. */ crypto_pk_get_digest(service_key, service_id); /* Calculate current time-period. */