nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 13:43:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
18,966 Commits 53 Branches 630 Tags 125 MiB
6d886787e3
Commit Graph

18966 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Mathewson
bce32e0a35 Fix more (void*)11 warnings in the tests 2014-09-02 15:40:47 -04:00
Nick Mathewson
a14c6cb70f Make iter for DECLARE_TYPED_DIGESTMAP_FNS be a pointer. 
This fixes a clangalyzer warning, and makes our C slightly better C.
 2014-09-02 15:40:04 -04:00
Nick Mathewson
44f0dfa53b Use real pointers in unit tests, not (void*)101 etc 
The clangalyzer hates (void*)101 etc
 2014-09-02 13:56:54 -04:00
Nick Mathewson
32b88d2565 Don't include a backtrace test for dereferencing 0 under analyzers 
They hate this.
 2014-09-02 13:56:31 -04:00
Nick Mathewson
9b850f9200 Add more assertions to esc_for_log to please the clangalyzer. 2014-09-02 13:29:45 -04:00
Nick Mathewson
07a16b3372 Add an assertion to read_file_to_str_until_eof 
The clangalyzer doesn't believe our math here.  I'm pretty sure our
math is right.  Also, add some unit tests.
 2014-09-02 13:29:11 -04:00
Nick Mathewson
1a2f2c163f Explicitly initialize addresses in tor_ersatz_socketpair 
This should stop a false positive from the clangalyzer.
 2014-09-02 12:58:32 -04:00
Nick Mathewson
57c48bf734 Apply the MALLOC_ZERO_WORKS fixup to tor_realloc as well. 
Also, make MALLOC_ZERO_WORKS never get applied when clang analyzer is
running.  This should make the clangalyzer a little happier.
 2014-09-02 12:55:20 -04:00
Nick Mathewson
00ffccd9a6 Another clang analyzer complaint wrt HT_GENERATE 
We're calling mallocfn() and reallocfn() in the HT_GENERATE macro
with the result of a product.  But that makes any sane analyzer
worry about overflow.

This patch keeps HT_GENERATE having its old semantics, since we
aren't the only project using ht.h.  Instead, define a HT_GENERATE2
that takes a reallocarrayfn.
 2014-09-02 12:48:34 -04:00
Nick Mathewson
e3c143f521 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-09-02 11:58:08 -04:00
Nick Mathewson
efcab43956 Fix a number of clang analyzer false-positives 
Most of these are in somewhat non-obvious code where it is probably
a good idea to initialize variables and add extra assertions anyway.

Closes 13036.  Patches from "teor".
 2014-09-02 11:56:56 -04:00
Nick Mathewson
67c0ad5426 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-09-01 16:23:34 -04:00
rl1987
8139db3725 Adding changes file. 2014-09-01 16:22:52 -04:00
Nick Mathewson
87f9c51f64 Avoid unsigned/sign compare warning from last patch. 2014-09-01 15:42:17 -04:00
Philip Van Hoof
60a3897ed9 Bounds check while looping over a fixed size table or array 
(Edited to use existing ARRAY_LENGTH macro --nickm)
 2014-09-01 15:40:47 -04:00
Nick Mathewson
f113a263de Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-29 16:45:56 -04:00
Nick Mathewson
41058dce95 Merge remote-tracking branch 'arma/bug12996b' into maint-0.2.5 2014-08-29 16:44:50 -04:00
Roger Dingledine
7a878c192f Downgrade "Unexpected onionskin length after decryption" warning 
It's now a protocol-warn, since there's nothing relay operators can
do about a client that sends them a malformed create cell.

Resolves bug 12996; bugfix on 0.0.6rc1.
 2014-08-29 16:38:54 -04:00
Nick Mathewson
d6fa8239c8 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-29 16:13:04 -04:00
Nick Mathewson
4a6f5bb2dd Improve "Tried to establish rendezvous on non-OR or non-edge circuit" 
Instead of putting it all in one warning message, log what exactly
was wrong with the circuit.

Resolves ticket 12997.
 2014-08-29 16:05:58 -04:00
Nick Mathewson
573d62748a Fix some coverity warnings in new routerset tests 2014-08-29 15:09:27 -04:00
dana koch
c887e20e6a Introduce full coverage tests for module routerset.c. 
This is using the paradigm introduced for test_status.c.
 2014-08-29 12:55:28 -04:00
Nick Mathewson
cc3b04a8c1 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-28 08:36:00 -04:00
Roger Dingledine
37a76d75dd Resume expanding abbreviations for command-line options 
The fix for bug 4647 accidentally removed our hack from bug 586 that
rewrote HashedControlPassword to __HashedControlSessionPassword when
it appears on the commandline (which allowed the user to set her own
HashedControlPassword in the torrc file while the controller generates
a fresh session password for each run).

Fixes bug 12948; bugfix on 0.2.5.1-alpha.
 2014-08-28 08:33:43 -04:00
Nick Mathewson
9f9b19ed7b Initialize crash handler in unit tests 
This way, we don't get locking failures when we hit an assertion in
the unit tests.  Also, we might find out about unit test bugs from
folks who can't do gdb.
 2014-08-27 20:03:00 -04:00
intrigeri
9f0161f73d Add changes file for #12751. 2014-08-27 03:33:05 +00:00
intrigeri
a8dd279fa5 Add changes file for #12939. 2014-08-27 03:32:20 +00:00
intrigeri
b4170421cc systemd unit file: ensures that the process and all its children can never gain 
new privileges (#12939).
 2014-08-27 03:18:26 +00:00
intrigeri
c9f30c4512 systemd unit file: only allow tor to write to /var/lib/tor and /var/log/tor (#12751). 
The rest of the filesystem is accessible for reading only. Still, quoting
systemd.exec(5):

  Note that restricting access with these options does not extend to submounts
  of a directory that are created later on.
 2014-08-27 03:13:53 +00:00
Nick Mathewson
fdb7fc70d0 Merge remote-tracking branch 'public/bug10163' 2014-08-26 09:44:16 -04:00
Nick Mathewson
051dd9c409 Remove the assigned-but-unused chosen_named_idx local variable 
It had been used in consensus method 1.  But now that 13 is the
minimum (see #10163), we don't need it around.

Found by sysrqb.
 2014-08-25 11:26:08 -04:00
Nick Mathewson
72ba1739e2 Fix another memory leak case in sandbox.c:prot_strings() 
This is related to the rest of 523587a5cf
 2014-08-25 11:14:31 -04:00
Nick Mathewson
9222707e5c Use the ARRAY_LENGTH macro more consistently. 2014-08-24 13:35:48 -04:00
Nick Mathewson
15be51b41d Remove the non-implemented versions of the sandbox _array() functions 2014-08-24 13:35:30 -04:00
Nick Mathewson
991545acf1 Whitespace fixes 2014-08-24 13:32:39 -04:00
Nick Mathewson
7c1143e11f Terser ways to sandbox-allow related filenames 
Using the *_array() functions here confused coverity, and was actually
a bit longer than we needed.  Now we just use macros for the repeated
bits, so that we can mention a file and a suffix-appended version in
one line.
 2014-08-24 13:30:55 -04:00
Nick Mathewson
59e114832e Merge branch 'bug11792_1_squashed' 
Conflicts:
	src/or/circuitlist.c
 2014-08-24 13:09:08 -04:00
Nick Mathewson
d6033843a4 When looking for conns to close, count the age of linked queued data 
Specifically, count the age of the data queued in a linked directory
connection's buffers when counting a stream's age.
 2014-08-24 13:04:45 -04:00
Nick Mathewson
68e430a6fb Kill non-tunneled directory connections when handling OOM. 
Another part of 11792.
 2014-08-24 13:04:38 -04:00
Nick Mathewson
8e55cafd67 Count zlib buffer memory towards OOM totals. 
Part of 11792.

(Uses the zlib-endorsed formula for memory needs for inflate/deflate
from "zconf.h".)
 2014-08-24 13:04:27 -04:00
Nick Mathewson
d31bcc4b23 Tidy status handling in rendservice.c 
We had some code to fix up the 'status' return value to -1 on error
if it wasn't set, but it was unreachable because our code was
correct.  Tweak this by initializing status to -1, and then only
setting it to 0 on success.  Also add a goto which was missing: its
absence was harmless.

[CID 718614, 718616]
 2014-08-22 12:23:01 -04:00
Nick Mathewson
a8cc41a230 Merge branch 'coverity_20140821' 2014-08-21 12:14:00 -04:00
Nick Mathewson
523587a5cf fix memory leak on failure in sandbox.c:prot_strings() 
[CID 1205014]
 2014-08-21 11:40:48 -04:00
Nick Mathewson
35b2e11755 Store sandbox params as char *, since that's what they are. 
This allows coverity to infer that we aren't leaking them.

[Fixes a lot of CIDs]
 2014-08-21 11:22:42 -04:00
Nick Mathewson
446e481c90 Check for duplicate arguments to tor-gencert 
Found by coverity, which noticed that if you said
  tor-gencert -i identity1 -i identity2
we would leak "identity1".

[CID 1198201, 1198202, 1198203]
 2014-08-21 11:22:42 -04:00
Nick Mathewson
a66fff6381 Mark one use of networkstatus_check_document_signature as (void) 
Also explain why we aren't checking its return value.

[CID 1198197]
 2014-08-21 11:22:42 -04:00
Nick Mathewson
059e33de59 remove meaningless checks for chunks==NULL in dirserv stuff 
Also, make it clearer that chunks cannot be NULL

[CID 1031750, 1031751]
 2014-08-21 11:22:42 -04:00
Nick Mathewson
917e1042f7 Suppress coverity warning about overflowing in safe_mem_is_zero 
The unsigned underflow here is defined and intentional.

CID 202482
 2014-08-21 11:22:42 -04:00
Nick Mathewson
7bc25b5a78 Avoid performing an assert on an always-true value 
This was freaking out coverity.

[CID 743379]
 2014-08-21 11:22:42 -04:00
Nick Mathewson
c43e45d0ea Suppress coverity warning about overflowing in tor_memeq. 
The unsigned underflow here is defined and intentional.

CID 202482
 2014-08-21 10:44:13 -04:00