Nick Mathewson
44f0dfa53b
Use real pointers in unit tests, not (void*)101 etc
...
The clangalyzer hates (void*)101 etc
2014-09-02 13:56:54 -04:00
Nick Mathewson
32b88d2565
Don't include a backtrace test for dereferencing 0 under analyzers
...
They hate this.
2014-09-02 13:56:31 -04:00
Nick Mathewson
9b850f9200
Add more assertions to esc_for_log to please the clangalyzer.
2014-09-02 13:29:45 -04:00
Nick Mathewson
07a16b3372
Add an assertion to read_file_to_str_until_eof
...
The clangalyzer doesn't believe our math here. I'm pretty sure our
math is right. Also, add some unit tests.
2014-09-02 13:29:11 -04:00
Nick Mathewson
1a2f2c163f
Explicitly initialize addresses in tor_ersatz_socketpair
...
This should stop a false positive from the clangalyzer.
2014-09-02 12:58:32 -04:00
Nick Mathewson
57c48bf734
Apply the MALLOC_ZERO_WORKS fixup to tor_realloc as well.
...
Also, make MALLOC_ZERO_WORKS never get applied when clang analyzer is
running. This should make the clangalyzer a little happier.
2014-09-02 12:55:20 -04:00
Nick Mathewson
00ffccd9a6
Another clang analyzer complaint wrt HT_GENERATE
...
We're calling mallocfn() and reallocfn() in the HT_GENERATE macro
with the result of a product. But that makes any sane analyzer
worry about overflow.
This patch keeps HT_GENERATE having its old semantics, since we
aren't the only project using ht.h. Instead, define a HT_GENERATE2
that takes a reallocarrayfn.
2014-09-02 12:48:34 -04:00
Nick Mathewson
e3c143f521
Merge remote-tracking branch 'origin/maint-0.2.5'
2014-09-02 11:58:08 -04:00
Nick Mathewson
efcab43956
Fix a number of clang analyzer false-positives
...
Most of these are in somewhat non-obvious code where it is probably
a good idea to initialize variables and add extra assertions anyway.
Closes 13036. Patches from "teor".
2014-09-02 11:56:56 -04:00
Nick Mathewson
67c0ad5426
Merge remote-tracking branch 'origin/maint-0.2.5'
2014-09-01 16:23:34 -04:00
rl1987
8139db3725
Adding changes file.
2014-09-01 16:22:52 -04:00
Nick Mathewson
87f9c51f64
Avoid unsigned/sign compare warning from last patch.
2014-09-01 15:42:17 -04:00
Philip Van Hoof
60a3897ed9
Bounds check while looping over a fixed size table or array
...
(Edited to use existing ARRAY_LENGTH macro --nickm)
2014-09-01 15:40:47 -04:00
Nick Mathewson
f113a263de
Merge remote-tracking branch 'origin/maint-0.2.5'
2014-08-29 16:45:56 -04:00
Nick Mathewson
41058dce95
Merge remote-tracking branch 'arma/bug12996b' into maint-0.2.5
2014-08-29 16:44:50 -04:00
Roger Dingledine
7a878c192f
Downgrade "Unexpected onionskin length after decryption" warning
...
It's now a protocol-warn, since there's nothing relay operators can
do about a client that sends them a malformed create cell.
Resolves bug 12996; bugfix on 0.0.6rc1.
2014-08-29 16:38:54 -04:00
Nick Mathewson
d6fa8239c8
Merge remote-tracking branch 'origin/maint-0.2.5'
2014-08-29 16:13:04 -04:00
Nick Mathewson
4a6f5bb2dd
Improve "Tried to establish rendezvous on non-OR or non-edge circuit"
...
Instead of putting it all in one warning message, log what exactly
was wrong with the circuit.
Resolves ticket 12997.
2014-08-29 16:05:58 -04:00
Nick Mathewson
573d62748a
Fix some coverity warnings in new routerset tests
2014-08-29 15:09:27 -04:00
dana koch
c887e20e6a
Introduce full coverage tests for module routerset.c.
...
This is using the paradigm introduced for test_status.c.
2014-08-29 12:55:28 -04:00
Nick Mathewson
cc3b04a8c1
Merge remote-tracking branch 'origin/maint-0.2.5'
2014-08-28 08:36:00 -04:00
Roger Dingledine
37a76d75dd
Resume expanding abbreviations for command-line options
...
The fix for bug 4647 accidentally removed our hack from bug 586 that
rewrote HashedControlPassword to __HashedControlSessionPassword when
it appears on the commandline (which allowed the user to set her own
HashedControlPassword in the torrc file while the controller generates
a fresh session password for each run).
Fixes bug 12948; bugfix on 0.2.5.1-alpha.
2014-08-28 08:33:43 -04:00
Nick Mathewson
9f9b19ed7b
Initialize crash handler in unit tests
...
This way, we don't get locking failures when we hit an assertion in
the unit tests. Also, we might find out about unit test bugs from
folks who can't do gdb.
2014-08-27 20:03:00 -04:00
Nick Mathewson
fdb7fc70d0
Merge remote-tracking branch 'public/bug10163'
2014-08-26 09:44:16 -04:00
Nick Mathewson
051dd9c409
Remove the assigned-but-unused chosen_named_idx local variable
...
It had been used in consensus method 1. But now that 13 is the
minimum (see #10163 ), we don't need it around.
Found by sysrqb.
2014-08-25 11:26:08 -04:00
Nick Mathewson
72ba1739e2
Fix another memory leak case in sandbox.c:prot_strings()
...
This is related to the rest of 523587a5cf
2014-08-25 11:14:31 -04:00
Nick Mathewson
9222707e5c
Use the ARRAY_LENGTH macro more consistently.
2014-08-24 13:35:48 -04:00
Nick Mathewson
15be51b41d
Remove the non-implemented versions of the sandbox _array() functions
2014-08-24 13:35:30 -04:00
Nick Mathewson
991545acf1
Whitespace fixes
2014-08-24 13:32:39 -04:00
Nick Mathewson
7c1143e11f
Terser ways to sandbox-allow related filenames
...
Using the *_array() functions here confused coverity, and was actually
a bit longer than we needed. Now we just use macros for the repeated
bits, so that we can mention a file and a suffix-appended version in
one line.
2014-08-24 13:30:55 -04:00
Nick Mathewson
59e114832e
Merge branch 'bug11792_1_squashed'
...
Conflicts:
src/or/circuitlist.c
2014-08-24 13:09:08 -04:00
Nick Mathewson
d6033843a4
When looking for conns to close, count the age of linked queued data
...
Specifically, count the age of the data queued in a linked directory
connection's buffers when counting a stream's age.
2014-08-24 13:04:45 -04:00
Nick Mathewson
68e430a6fb
Kill non-tunneled directory connections when handling OOM.
...
Another part of 11792.
2014-08-24 13:04:38 -04:00
Nick Mathewson
8e55cafd67
Count zlib buffer memory towards OOM totals.
...
Part of 11792.
(Uses the zlib-endorsed formula for memory needs for inflate/deflate
from "zconf.h".)
2014-08-24 13:04:27 -04:00
Nick Mathewson
d31bcc4b23
Tidy status handling in rendservice.c
...
We had some code to fix up the 'status' return value to -1 on error
if it wasn't set, but it was unreachable because our code was
correct. Tweak this by initializing status to -1, and then only
setting it to 0 on success. Also add a goto which was missing: its
absence was harmless.
[CID 718614, 718616]
2014-08-22 12:23:01 -04:00
Nick Mathewson
a8cc41a230
Merge branch 'coverity_20140821'
2014-08-21 12:14:00 -04:00
Nick Mathewson
523587a5cf
fix memory leak on failure in sandbox.c:prot_strings()
...
[CID 1205014]
2014-08-21 11:40:48 -04:00
Nick Mathewson
35b2e11755
Store sandbox params as char *, since that's what they are.
...
This allows coverity to infer that we aren't leaking them.
[Fixes a lot of CIDs]
2014-08-21 11:22:42 -04:00
Nick Mathewson
446e481c90
Check for duplicate arguments to tor-gencert
...
Found by coverity, which noticed that if you said
tor-gencert -i identity1 -i identity2
we would leak "identity1".
[CID 1198201, 1198202, 1198203]
2014-08-21 11:22:42 -04:00
Nick Mathewson
a66fff6381
Mark one use of networkstatus_check_document_signature as (void)
...
Also explain why we aren't checking its return value.
[CID 1198197]
2014-08-21 11:22:42 -04:00
Nick Mathewson
059e33de59
remove meaningless checks for chunks==NULL in dirserv stuff
...
Also, make it clearer that chunks cannot be NULL
[CID 1031750, 1031751]
2014-08-21 11:22:42 -04:00
Nick Mathewson
917e1042f7
Suppress coverity warning about overflowing in safe_mem_is_zero
...
The unsigned underflow here is defined and intentional.
CID 202482
2014-08-21 11:22:42 -04:00
Nick Mathewson
7bc25b5a78
Avoid performing an assert on an always-true value
...
This was freaking out coverity.
[CID 743379]
2014-08-21 11:22:42 -04:00
Nick Mathewson
c43e45d0ea
Suppress coverity warning about overflowing in tor_memeq.
...
The unsigned underflow here is defined and intentional.
CID 202482
2014-08-21 10:44:13 -04:00
Nick Mathewson
0de7565dfd
Check return values for fcntl in tor_spawn_background.
...
[CID 718609]
2014-08-21 10:38:19 -04:00
Nick Mathewson
377b5c0510
Allow rend_service_intro_free to get called with NULL
...
(We allowed it previously, but produced an LD_BUG message when it
happened, which is not consistent
Also, remove inconsistent NULL checks before calling
rend_service_intro_free.
(Removing the check is for CID 718613)
2014-08-21 10:34:29 -04:00
Nick Mathewson
c9cac69ac6
Remove a dead check for errmsg in handle_control_authenticate
...
Coverity doesn't like doing NULL checks on things that can't be
NULL; I like checking things where the logic for their not being
NULL is nontrivial. Let's compromise, and make it obvious that this
field can't be NULL.
[Coverity CID 202004]
2014-08-21 10:27:43 -04:00
Nick Mathewson
e6a05c1c54
Add a missing goto to an unusable branch and make the branch LD_BUG.
...
(It's LD_BUG to reach this point because the hashed password values
were tested earlier from options_validate)
[Coverity CID 1232091]
2014-08-21 10:21:17 -04:00
Nick Mathewson
2a0a5fe612
Explicitly cast when dividing ints then implicitly casting to double.
...
Coverity thinks that when we do "double x = int1/int2;", we probably
meant "double x = ((double)int1) / int2;". In these cases, we
didn't.
[Coverity CID 1232089 and 1232090]
2014-08-21 10:19:26 -04:00
Nick Mathewson
b6a725c67e
Fix memory leaks in test_entrynodes.c
...
[Coverity CID 1232087 and 1232088]
2014-08-21 10:18:17 -04:00