Commit Graph

15438 Commits

Author SHA1 Message Date
Nick Mathewson
6102efbee2 Merge remote-tracking branch 'teor/fix-exitpolicy-leak' 2015-12-09 16:25:17 -05:00
Nick Mathewson
631e3517e3 Mark a couple more arguments as unused. 2015-12-09 11:58:32 -05:00
cypherpunks
91ab2ac5aa Assert that memory held by rephist is freed
The internal memory allocation and history object counters of the
reputation code can be used to verify the correctness of (part of) the
code. Using these counters revealed an issue where the memory allocation
counter is not decreased when the bandwidth arrays are freed.

A new function ensures the memory allocation counter is decreased when a
bandwidth array is freed.

This commit also removes an unnecessary cast which was found while
working on the code.
2015-12-09 11:31:17 -05:00
Nick Mathewson
b3eba8ef12 Merge branch 'refactor-effective-entry' 2015-12-09 11:05:41 -05:00
Nick Mathewson
580d788b3f Tweak policies_log_first_redundant_entry even more
* Use smartlist_foreach_begin/end instead of a plain for loop.
  * constify the pointers.
2015-12-09 11:04:57 -05:00
Nick Mathewson
db433b8dc3 Tweak policies_log_first_redundant_entry more.
* Since the variable is no longer modified, it should be called
     'policy' instead of 'dest'.  ("Dest" is short for
     "destination".)
   * Fixed the space issue that dgoulet found on the ticket.
   * Fixed the comment a little. (We use the imperative for function
     documentation.)
2015-12-09 11:02:15 -05:00
Nick Mathewson
caff665309 Merge remote-tracking branch 'teor/first-hop-no-private' 2015-12-09 10:47:59 -05:00
cypherpunks
c76059ec9b Assert that the directory server digest is given
This prevents a possible crash when memory is copied from a pointer to
NULL.
2015-12-09 10:22:26 -05:00
cypherpunks
fbdd32ebe9 Mention the expected length of the digests
Some functions that use digest maps did not mention that the digests are
expected to have DIGEST_LEN bytes. This lead to buffer over-reads in the
past.
2015-12-09 10:22:26 -05:00
cypherpunks
0a97a3095b Remove unnecessary casting 2015-12-09 10:22:26 -05:00
cypherpunks
c94aa4573a Fix buffer over-reads in the rendcache tests
The hidden service descriptor cache (rendcache) tests use digest maps
which expect keys to have a length of DIGEST_LEN.

Because the tests use key strings with a length lower than DIGEST_LEN,
the internal copy operation reads outside the key strings which leads to
buffer over-reads.

The issue is resolved by using character arrays with a size of
DIGEST_LEN.

Patch on ade5005853.
2015-12-09 10:22:26 -05:00
cypherpunks
3d0d2a511c Fix buffer over-reads in the directory tests
The tests pass empty digest strings to the dir_server_new function which
copies it into a directory server structure. The copy operation expects
the digest strings to be DIGEST_LEN characters long.

Because the length of the empty digest strings are lower than
DIGEST_LEN, the copy operation reads outside the digest strings which
leads to buffer over-reads.

The issue is resolved by using character arrays with a size of
DIGEST_LEN.

Patch on 4ff08bb581.
2015-12-09 10:22:26 -05:00
Nick Mathewson
3a69fcb01f try a little harder with getrandom types to avoid warnings 2015-12-09 08:31:29 -05:00
Nick Mathewson
0df014edad mark a variable unused. 2015-12-08 17:17:17 -05:00
Nick Mathewson
b701b7962b Fix comment switcheroo. Spotted by skruffy 2015-12-08 12:53:51 -05:00
Nick Mathewson
9ce431f032 Fix spaces. 2015-12-08 12:37:36 -05:00
Nick Mathewson
7f074e08d8 Merge branch 'feature13696_squashed' 2015-12-08 12:35:26 -05:00
Yawning Angel
353c71516e Add support for getrandom() and getentropy() when available
Implements feature #13696.
2015-12-08 12:34:53 -05:00
Nick Mathewson
252149e8b4 Merge branch 'maint-0.2.7' 2015-12-08 10:23:56 -05:00
Nick Mathewson
c6a337557a Merge branch 'maint-0.2.6' into maint-0.2.7 2015-12-08 10:23:41 -05:00
Nick Mathewson
1adc2bf66f Merge branch 'maint-0.2.5' into maint-0.2.6 2015-12-08 10:20:21 -05:00
Nick Mathewson
c3d11b119d Merge branch 'maint-0.2.4' into maint-0.2.5 2015-12-08 10:20:14 -05:00
Arlo Breault
5138f5ca69 Ensure node is a guard candidate when picking a directory guard 2015-12-08 09:49:01 -05:00
Nick Mathewson
4328525770 Merge branch 'maint-0.2.4' into maint-0.2.5 2015-12-08 09:38:48 -05:00
Nick Mathewson
b0867fec96 Fix a compilation warning introduced by clang 3.6
There was a dead check when we made sure that an array member of a
struct was non-NULL.  Tor has been doing this check since at least
0.2.3, maybe earlier.

Fixes bug 17781.
2015-12-08 09:37:05 -05:00
cypherpunks
95c03b29de Fix memory leak by circuit marked for close list
This commit fixes a memory leak introduced by commit
8b4e5b7ee9.
2015-12-08 08:52:10 -05:00
Nick Mathewson
1321608786 Merge branch 'maint-0.2.7' 2015-12-08 08:45:09 -05:00
Nick Mathewson
e9bf584694 Format IPv6 policies correctly.
Previously we'd suppressed the mask-bits field in the output when
formatting a policy if it was >=32.  But that should be a >=128 if
we're talking about IPv6.

Since we didn't put these in descriptors, this bug affects only log
messages and controller outputs.

Fix for bug 16056.  The code in question was new in 0.2.0, but the
bug was introduced in 0.2.4 when we started supporting IPv6 exits.
2015-12-08 08:44:58 -05:00
cypherpunks
4ae555face Fix memory leak in ntor test 2015-12-08 08:28:27 -05:00
Nick Mathewson
79fdfd5231 Merge remote-tracking branch 'teor/exitpolicy-multicast' 2015-12-07 10:23:30 -05:00
Nick Mathewson
f727ebcba8 Merge remote-tracking branch 'teor/comments-20151204' 2015-12-07 10:13:20 -05:00
Nick Mathewson
0ec6757091 Merge branch 'maint-0.2.7' 2015-12-07 10:11:54 -05:00
Nick Mathewson
9c66afe772 Merge branch 'maint-0.2.6' into maint-0.2.7 2015-12-07 10:11:21 -05:00
Nick Mathewson
089ee13534 Merge branch 'maint-0.2.5' into maint-0.2.6 2015-12-07 10:10:44 -05:00
Nick Mathewson
e8e89fd7a1 Merge branch 'maint-0.2.4' into maint-0.2.5 2015-12-07 10:10:21 -05:00
teor (Tim Wilson-Brown)
329aa59e43 Comment-only change to connection_get_by_type_addr_port_purpose
connection_get_by_type_addr_port_purpose also ignores connections
that are marked for close.
2015-12-07 16:13:07 +11:00
teor (Tim Wilson-Brown)
b7525c39bf Comment-only changes to connection_connect
port is in host order (addr is tor_addr_t, endianness is abstracted).

addr and port can be different to conn->addr and conn->port if
connecting via a proxy.
2015-12-07 16:10:37 +11:00
teor (Tim Wilson-Brown)
3461bcb10e Move a comment in router_get_my_descriptor to the correct line 2015-12-07 16:10:37 +11:00
teor (Tim Wilson-Brown)
fb3e862b86 Update comment: get_connection_array no longer takes "n" 2015-12-07 16:10:37 +11:00
teor (Tim Wilson-Brown)
021958934f Consistently ignore multicast in internal reject private exit policies
Consistently ignore multicast addresses when automatically
generating reject private exit policies.

Closes ticket 17763. Bug fix on 10a6390deb,
not in any released version of Tor. Patch by "teor".
2015-12-07 14:46:19 +11:00
teor (Tim Wilson-Brown)
bca4095b93 Make policies_log_first_redundant_entry take a const smartlist_t *
Also fixup code style.
2015-12-06 21:34:52 +11:00
teor (Tim Wilson-Brown)
ba5053b45d Refactor policies_parse_exit_policy_internal
Move logging of redundant policy entries in
policies_parse_exit_policy_internal into its own function.

Closes ticket 17608; patch from "juce".
2015-12-06 21:32:09 +11:00
teor (Tim Wilson-Brown)
bb32c29986 Initialise configured_addresses to a known value (NULL) 2015-12-06 20:24:45 +11:00
cypherpunks
16bec0dfd9 Fix a memory leak in the exit policy parsing code
This memory leak only occurs when the Tor instance is not an exit node.

Fixes code introduced in 10a6390deb.
2015-12-06 20:24:07 +11:00
Karsten Loesing
dbb919cf94 Update geoip and geoip6 to the December 1 2015 database. 2015-12-05 17:02:59 +01:00
Nick Mathewson
ee5337e904 Merge branch 'maint-0.2.7' 2015-11-30 22:03:00 -05:00
cypherpunks
be0891667e Fix undefined behavior caused by memory overlap
The tor_cert_get_checkable_sig function uses the signing key included in
the certificate (if available) when a separate public key is not given.

When the signature is valid, the tor_cert_checksig function copies the
public key from the checkable structure to the public key field of the
certificate signing key.

In situations where the separate public key is not given but the
certificate includes a signing key, the source and destination pointers
in the copy operation are equal and invoke undefined behavior.

Undefined behaviour is avoided by ensuring both pointers are different.
2015-11-30 22:02:22 -05:00
teor (Tim Wilson-Brown)
7ff18cc1b6 Avoid relying on malloc internals in test_rend_cache_purge.
Closes ticket 17724. Bug fix on ade5005853 and 5e9f2384cf,
not in any released version of Tor. Patch by "teor".
2015-12-01 10:50:14 +11:00
Nick Mathewson
0a701e5377 More fixes/debugging attempts for 17659 2015-11-27 12:54:57 -05:00
Nick Mathewson
a33e9f208a Add a stack trace for help debugging one part of 17659 2015-11-27 12:11:51 -05:00