October 2017 - tor-commits - lists.torproject.org

[tor/release-0.3.2] Remove the length limit from write_http_status_line
by nickm＠torproject.org 23 Oct '17

23 Oct '17

commit af33fdd7c1860399fe8d6861c163e5d64b0292b9 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Oct 23 09:21:22 2017 -0400 Remove the length limit from write_http_status_line Fixes bug 23908; bugfix on 0.3.1.6-rc when we made the keypin failure message really long. Backport from 0.3.2's 771fb7e7baa789c55ba15c4c26c8a4889ff9fe8d, where arma said "get rid of the scary 256-byte-buf landmine". --- changes/bug23908 | 3 +++ src/or/directory.c | 10 ++++------ 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/changes/bug23908 b/changes/bug23908 new file mode 100644 index 000000000..f641b66bb --- /dev/null +++ b/changes/bug23908 @@ -0,0 +1,3 @@ + o Minor bugfixes (directory authority, backport from 0.3.2.1-alpha): + - Remove the length limit on HTTP status lines that authorities can send + in their replies. Fixes bug 23499; bugfix on 0.3.1.6-rc. diff --git a/src/or/directory.c b/src/or/directory.c index 45fbd1dd3..bef65d349 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -3282,14 +3282,12 @@ static void write_http_status_line(dir_connection_t *conn, int status, const char *reason_phrase) { - char buf[256]; - if (tor_snprintf(buf, sizeof(buf), "HTTP/1.0 %d %s\r\n\r\n", - status, reason_phrase ? reason_phrase : "OK") < 0) { - log_warn(LD_BUG,"status line too long."); - return; - } + char *buf = NULL; + tor_asprintf(&buf, "HTTP/1.0 %d %s\r\n\r\n", + status, reason_phrase ? reason_phrase : "OK"); log_debug(LD_DIRSERV,"Wrote status 'HTTP/1.0 %d %s'", status, reason_phrase); connection_write_to_buf(buf, strlen(buf), TO_CONN(conn)); + tor_free(buf); } /** Write the header for an HTTP/1.0 response onto <b>conn</b>-\>outbuf,

1 0

[tor/release-0.3.2] Merge branch 'maint-0.3.1' into maint-0.3.2
by nickm＠torproject.org 23 Oct '17

23 Oct '17

commit 8b8d501040946bb2280a9640f91a55b7f17b03e3 Merge: 6a7aa4735 af33fdd7c Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Oct 23 09:22:43 2017 -0400 Merge branch 'maint-0.3.1' into maint-0.3.2 "ours" merge to avoid taking af33fdd7c1860399fe8d6861c163e5d64b0292b9

1 0

[tor/master] Merge branch 'maint-0.3.2'
by nickm＠torproject.org 23 Oct '17

23 Oct '17

commit 880d596f4dbb65885ebbc8b1b88e852529779324 Merge: 49e8352f1 8b8d50104 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Oct 23 09:22:57 2017 -0400 Merge branch 'maint-0.3.2'

1 0

[tor/release-0.3.1] Merge branch 'maint-0.3.1' into release-0.3.1
by nickm＠torproject.org 23 Oct '17

23 Oct '17

commit 602f9565a932354c543353f5ab38079a8707b2ad Merge: 5f78775a8 af33fdd7c Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Oct 23 09:22:57 2017 -0400 Merge branch 'maint-0.3.1' into release-0.3.1 changes/bug23908 | 3 +++ src/or/directory.c | 10 ++++------ 2 files changed, 7 insertions(+), 6 deletions(-)

1 0

[tor/maint-0.3.1] Remove the length limit from write_http_status_line
by nickm＠torproject.org 23 Oct '17

23 Oct '17

commit af33fdd7c1860399fe8d6861c163e5d64b0292b9 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Oct 23 09:21:22 2017 -0400 Remove the length limit from write_http_status_line Fixes bug 23908; bugfix on 0.3.1.6-rc when we made the keypin failure message really long. Backport from 0.3.2's 771fb7e7baa789c55ba15c4c26c8a4889ff9fe8d, where arma said "get rid of the scary 256-byte-buf landmine". --- changes/bug23908 | 3 +++ src/or/directory.c | 10 ++++------ 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/changes/bug23908 b/changes/bug23908 new file mode 100644 index 000000000..f641b66bb --- /dev/null +++ b/changes/bug23908 @@ -0,0 +1,3 @@ + o Minor bugfixes (directory authority, backport from 0.3.2.1-alpha): + - Remove the length limit on HTTP status lines that authorities can send + in their replies. Fixes bug 23499; bugfix on 0.3.1.6-rc. diff --git a/src/or/directory.c b/src/or/directory.c index 45fbd1dd3..bef65d349 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -3282,14 +3282,12 @@ static void write_http_status_line(dir_connection_t *conn, int status, const char *reason_phrase) { - char buf[256]; - if (tor_snprintf(buf, sizeof(buf), "HTTP/1.0 %d %s\r\n\r\n", - status, reason_phrase ? reason_phrase : "OK") < 0) { - log_warn(LD_BUG,"status line too long."); - return; - } + char *buf = NULL; + tor_asprintf(&buf, "HTTP/1.0 %d %s\r\n\r\n", + status, reason_phrase ? reason_phrase : "OK"); log_debug(LD_DIRSERV,"Wrote status 'HTTP/1.0 %d %s'", status, reason_phrase); connection_write_to_buf(buf, strlen(buf), TO_CONN(conn)); + tor_free(buf); } /** Write the header for an HTTP/1.0 response onto <b>conn</b>-\>outbuf,

1 0

[tor/maint-0.3.2] Merge branch 'maint-0.3.0' into maint-0.3.1
by nickm＠torproject.org 23 Oct '17

23 Oct '17

commit 85115796bb9095db2b59624b16c005f2252d4d71 Merge: 23e3d57e1 eac4c374e Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Oct 23 09:11:10 2017 -0400 Merge branch 'maint-0.3.0' into maint-0.3.1 src/test/test_config.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

1 0

[tor/maint-0.3.2] Adjust test, now that there are 9 dirauths again
by nickm＠torproject.org 23 Oct '17

23 Oct '17

commit a5f5bda462d489cb02f97e9847011b46a350512a Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Oct 23 09:11:07 2017 -0400 Adjust test, now that there are 9 dirauths again --- src/test/test_config.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/test/test_config.c b/src/test/test_config.c index 90ea4da87..b48d5e8d2 100644 --- a/src/test/test_config.c +++ b/src/test/test_config.c @@ -1632,8 +1632,8 @@ test_config_adding_default_trusted_dir_servers(void *arg) /* Assume we have eight V3 authorities */ add_default_trusted_dir_authorities(V3_DIRINFO); - tt_int_op(get_n_authorities(V3_DIRINFO), OP_EQ, 8); - tt_int_op(smartlist_len(router_get_fallback_dir_servers()), OP_EQ, 9); + tt_int_op(get_n_authorities(V3_DIRINFO), OP_EQ, 9); + tt_int_op(smartlist_len(router_get_fallback_dir_servers()), OP_EQ, 10); done: clear_dir_servers();

1 0

[tor/maint-0.3.2] Merge branch 'maint-0.2.9' into maint-0.3.0
by nickm＠torproject.org 23 Oct '17

23 Oct '17

commit eac4c374e456af4f216392ec2d3b037d5f57e2f3 Merge: c93ecb818 fcd5c3144 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Oct 23 09:11:10 2017 -0400 Merge branch 'maint-0.2.9' into maint-0.3.0 src/test/test_config.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

1 0

[tor/maint-0.3.2] Merge branch 'maint-0.3.1' into maint-0.3.2
by nickm＠torproject.org 23 Oct '17

23 Oct '17

commit 6a7aa4735724cdf8d37e4109705338a1ea947449 Merge: 009141c6a 85115796b Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Oct 23 09:11:10 2017 -0400 Merge branch 'maint-0.3.1' into maint-0.3.2 src/test/test_config.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

1 0

[tor/maint-0.3.2] Merge branch 'maint-0.2.8' into maint-0.2.9
by nickm＠torproject.org 23 Oct '17

23 Oct '17

commit fcd5c3144a44f4081e9e7c4336b932e31ae45f77 Merge: 1db5081ba a5f5bda46 Author: Nick Mathewson <nickm(a)torproject.org> Date: Mon Oct 23 09:11:10 2017 -0400 Merge branch 'maint-0.2.8' into maint-0.2.9 src/test/test_config.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

1 0