Commit Graph

919 Commits

Author SHA1 Message Date
Deepesh Pathak
ca6682f3f8 Fix spelling mistakes corresponding to ticket #23650 2018-02-07 10:41:57 -05:00
Nick Mathewson
c92ac9f5cb Convert the rest of src/common's headers to use FREE_AND_NULL 2017-12-08 14:47:19 -05:00
Nick Mathewson
35746a9ee7 Comment-only change: annotate exit() calls.
Sometimes when we call exit(), it's because the process is
completely hopeless: openssl has a broken AES-CTR implementation, or
the clock is in the 1960s, or something like that.

But sometimes, we should return cleanly from tor_main() instead, so
that embedders can keep embedding us and start another Tor process.

I've gone through all the exit() and _exit() calls to annotate them
with "exit ok" or "XXXX bad exit" -- the next step will be to fix
the bad exit()s.

First step towards 23848.
2017-10-19 13:42:28 -04:00
Nick Mathewson
a64d79ca4c Move around some LCOV_EXCLs in src/common
Apparently, my compiler now generates coverage markers for
label-only lines, so we need to exclude those too if they are meant
to be unreachable.
2017-09-28 09:25:17 -04:00
Nick Mathewson
76c33f7ff4 Merge branch 'scan-build-032' 2017-09-15 16:40:11 -04:00
Nick Mathewson
c1deabd3b0 Run our #else/#endif annotator on our source code. 2017-09-15 16:24:44 -04:00
Nick Mathewson
7a597718bb Split some long #if lines to make the #endif annotator happy 2017-09-15 16:24:21 -04:00
Nick Mathewson
9201e4c74b Merge branch 'bug23487_029' 2017-09-15 14:27:58 -04:00
Nick Mathewson
75659fd548 Use different variable names for pw_uid usages
Catalyst points out that using pw_uid for two different purposes
here is likely to be confusing.
2017-09-15 14:26:59 -04:00
teor
42e7d0ea14
Explain the restrictions on divisor in round*_to_next_multiple_of
Closes 23528.
2017-09-15 16:06:17 +10:00
Nick Mathewson
f2f729e26b Clear up dead-assignment warnings from scan-build 2017-09-12 21:32:34 -04:00
Nick Mathewson
a4847ffa91 clang scan-build: Fix "dead increment" warnings.
For the most part, these indicated a spot where the code could have
been better.
2017-09-12 19:03:04 -04:00
Nick Mathewson
7ee486c15f Log correctly on owner/user mismatch.
Found with clang's scan-build while looking at dead assignments.

Fixes bug 23487; bugfix on 1135405c8c in 0.2.9.1-alpha
2017-09-12 17:37:25 -04:00
Nick Mathewson
1098893e4f Exit when we can't write to a configured pid file
This is probably what the user wants, according to 20119.
2017-09-06 11:50:22 -04:00
Nick Mathewson
4b4b3afb56 Merge branch 'bug22802_squashed' 2017-08-28 10:23:05 -04:00
Nick Mathewson
b88d00fea3 Don't fall back to _atoi64
We only did this on windows when building with MSVC 6 and earlier,
which is now considered a screamingly bad idea.
2017-08-28 10:21:29 -04:00
Nick Mathewson
b4963da987 Treat a bad tor_spawn_background() as a BUG().
The contract is that, if may_spawn_background_process() is 0, you're
not even allowed to try to spawn a process.
2017-08-09 10:58:07 -04:00
Nick Mathewson
eb43401bfb Add a 'NoExec' option that causes tor_spawn_background() to fail
Core of an implementation for 22976.
2017-08-09 10:45:48 -04:00
Nick Mathewson
accb734c5f Turn base < 0 into a BUG() in our long-parse functions. 2017-07-28 10:26:06 -04:00
Nick Mathewson
d068f3359f Merge branch 'maint-0.3.0' into maint-0.3.1 2017-07-26 12:53:38 -04:00
Nick Mathewson
3c017e823b Merge branch 'maint-0.2.9' into maint-0.3.0 2017-07-26 12:53:38 -04:00
Nick Mathewson
fca1934c88 Suppress clang4-specific -Wdouble-promotion warnings
Wow, it sure seems like some compilers can't implement isnan() and
friends in a way that pleases themselves!

Fixes bug 22915. Bug trigged by 0.2.8.1-alpha and later; caused by
clang 4.
2017-07-26 12:53:00 -04:00
Nick Mathewson
55777b3ff9 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-07-05 16:11:48 -04:00
Nick Mathewson
15b13578e8 Merge branch 'maint-0.3.0' into maint-0.3.1 2017-07-05 16:11:48 -04:00
Nick Mathewson
dfc0614840 Only disable -Wfloat-conversion on mingw when it exists.
The 22081 fix disabled -Wfloat-conversion, but -Wfloat-conversion
didn't exist in every relevant mingw; it was added in GCC 4.9.x some
time, if the documentation can be trusted.

Bug not in any released version of tor.
2017-07-05 16:10:45 -04:00
Nick Mathewson
8bc70a2ad2 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-07-05 11:19:03 -04:00
Nick Mathewson
0f97f963e3 Merge branch 'maint-0.3.0' into maint-0.3.1 2017-07-05 11:19:03 -04:00
Nick Mathewson
bb97f680e7 Merge branch 'bug22801_028' into maint-0.2.9 2017-07-05 11:18:59 -04:00
Nick Mathewson
5361032219 Fix -Wfloat-conversion C warnings on mingw in clamp_double_to_int64.
We just have to suppress these warnings: Mingw's math.h uses gcc's
__builtin_choose_expr() facility to declare isnan, isfinite, and
signbit.  But as implemented in at least some versions of gcc,
__builtin_choose_expr() can generate type warnings even from
branches that are not taken.

Fixes bug 22801; bugfix on 0.2.8.1-alpha.
2017-07-03 10:59:31 -04:00
teor
af98b862a5
Fix comments of functions that return tor_snprintf
No code changes needed: in the places where we actually check the
return value of these functions, we handle it correctly.
2017-05-23 18:44:45 +10:00
Nick Mathewson
ff1af5550a strlen() returns size_t 2017-05-19 08:54:56 -04:00
Daniel Pinto
ba3a5f82f1 Add support for %include funcionality on torrc #1922
config_get_lines is now split into two functions:
 - config_get_lines which is the same as before we had %include
 - config_get_lines_include which actually processes %include
2017-05-18 23:44:16 +01:00
Nick Mathewson
b6f22524ee Move config line parsing function to confline.c 2017-04-04 11:11:01 -04:00
Alexander Færøy
a28be68cf2
Split strings at newline in tor_get_lines_from_handle().
This patch fixes a regression described in bug #21757 that first
appeared after commit 6e78ede73f which was an attempt to fix bug #21654.

When switching from buffered I/O to direct file descriptor I/O our
output strings from get_string_from_pipe() might contain newline
characters (\n). In this patch we modify tor_get_lines_from_handle() to
ensure that the function splits the newly read string at the newline
character and thus might return multiple lines from a single call to
get_string_from_pipe().

Additionally, we add a test case to test_util_string_from_pipe() to
ensure that get_string_from_pipe() correctly returns multiple lines in a
single call.

See: https://bugs.torproject.org/21757
See: https://bugs.torproject.org/21654
2017-03-17 04:27:12 +01:00
Nick Mathewson
7505f452c8 Run the copyright update script. 2017-03-15 16:13:17 -04:00
Alexander Færøy
02ef06516e
Use less-than instead of not-equal-to for comparison in read loops.
This patch changes a number of read loops in the util module to use
less-than comparison instead of not-equal-to comparison. We do this in
the case that we have a bug elsewhere that might cause `numread` to
become larger than `count` and thus become an infinite loop.
2017-03-09 00:10:17 +01:00
Alexander Færøy
6e78ede73f
Remove buffered I/O stream usage in process_handle_t.
This patch removes the buffered I/O stream usage in process_handle_t and
its related utility functions. This simplifies the code and avoids racy
code where we used buffered I/O on non-blocking file descriptors.

See: https://bugs.torproject.org/21654
2017-03-09 00:10:17 +01:00
Alexander Færøy
86de065aee
Use read(2) instead of fgets(3) when reading process output.
This patch modifies `tor_read_all_handle()` to use read(2) instead of
fgets(3) when reading the stdout from the child process. This should
eliminate the race condition that can be triggered in the 'slow/util/*'
tests on slower machines running OpenBSD, FreeBSD and HardenedBSD.

See: https://bugs.torproject.org/21654
2017-03-08 02:08:44 +01:00
Alexander Færøy
3dca5a6e71
Use tor_fgets() instead of fgets().
This patch changes our use of fgets() to tor_fgets() for more consistent
error handling across different versions of the C library.
2017-03-01 21:26:27 +01:00
Nick Mathewson
7e469c1002 Merge branch 'bug20894_029_v3' 2017-02-14 19:10:20 -05:00
Nick Mathewson
c4f2faf301 Don't atoi off the end of a buffer chunk.
Fixes bug 20894; bugfix on 0.2.0.16-alpha.

We already applied a workaround for this as 20834, so no need to
freak out (unless you didn't apply 20384 yet).
2017-02-14 16:38:47 -05:00
cypherpunks
27df23abb6 Use the standard OpenBSD preprocessor definition 2017-02-03 09:37:39 -05:00
Nick Mathewson
cea1a4e19d This is no longer inline. 2016-12-23 09:50:44 -05:00
Hans Jerry Illikainen
a23fd15786 Fix unreachable heap corruption in base64_decode()
Give size_mul_check() external linkage and use it in base64_decode() to
avoid a potential integer wrap.

Closes #19222
2016-12-23 09:47:09 -05:00
Nick Mathewson
2cee38f76a Merge branch 'prop271_030_v1_squashed' 2016-12-16 11:20:59 -05:00
teor
1e8f68a9c7 Add an extra warning message to check_private_dir 2016-12-01 09:51:19 -05:00
Nick Mathewson
539eba0a4b Teach parse_iso_time about the spaceless variant.
(We previously added support for generating the spaceless
2016-11-14T19:58:12 variant, but not for actually parsing it.)
2016-11-30 14:42:52 -05:00
Fabian Keil
db2dd8434e finish_writing_to_file_impl(): Remove temporary file if replacing the existing one failed
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-16 11:25:26 -05:00
Nick Mathewson
3e3040a5d9 Merge branch 'maint-0.2.9'
Conflicts:
	src/or/rendservice.c
2016-11-07 16:31:40 -05:00
teor
2f48693663
Improve comments in check_private_dir and onion poisoning
Comment changes only
2016-11-02 14:11:26 +11:00