Also raise the check for 0 circuit ID in created cell.

And add a comment about why conditions that would cause us to drop a cell should get checked before actions that would cause us to send a destroy cell. Spotted by 'cypherpunks'. And note that these issues have been present since 0.0.8pre1 (commit 0da256ef), where we added a "shutting down" state, and started responding to all create cells with DESTROY when shutting down.
2024-11-24 12:23:32 +01:00 · 2014-06-11 09:33:20 -04:00 · 2014-06-11 09:33:20 -04:00 · f9f450d688
commit f9f450d688
parent af53e4bd1c
2 changed files with 15 additions and 11 deletions
--- a/changes/bug12191
+++ b/changes/bug12191
@ -1,6 +1,7 @@
  o Minor bugfixes:

-    - We now drop CREATE cells for already-existent circuit IDs, regardless
-      of other factors that might otherwise have called for DESTROY cells.
-      Fixes bug 12191; bugfix on 0.2.???
+    - We now drop CREATE cells for already-existent circuit IDs and
+      for zero-valued circuit IDs, regardless of other factors that
+      might otherwise have called for DESTROY cells.  Fixes bug 12191;
+      bugfix on 0.0.8pre1.

--- a/src/or/command.c
+++ b/src/or/command.c
@ -227,6 +227,17 @@ command_process_create_cell(cell_t *cell, channel_t *chan)
            (unsigned)cell->circ_id,
            U64_PRINTF_ARG(chan->global_identifier), chan);

+  /* We check for the conditions that would make us drop the cell before
+   * we check for the conditions that would make us send a DESTROY back,
+   * since those conditions would make a DESTROY nonsensical. */
+  if (cell->circ_id == 0) {
+    log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+           "Received a create cell (type %d) from %s with zero circID; "
+           " ignoring.", (int)cell->command,
+           channel_get_actual_remote_descr(chan));
+    return;
+  }
+
  if (circuit_id_in_use_on_channel(cell->circ_id, chan)) {
    const node_t *node = node_get_by_id(chan->identity_digest);
    log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
@ -265,14 +276,6 @@ command_process_create_cell(cell_t *cell, channel_t *chan)
    return;
  }

-  if (cell->circ_id == 0) {
-    log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
-           "Received a create cell (type %d) from %s with zero circID; "
-           " ignoring.", (int)cell->command,
-           channel_get_actual_remote_descr(chan));
-    return;
-  }
-
  /* If the high bit of the circuit ID is not as expected, close the
   * circ. */
  if (chan->wide_circ_ids)