commit af33fdd7c1860399fe8d6861c163e5d64b0292b9 Author: Nick Mathewson nickm@torproject.org Date: Mon Oct 23 09:21:22 2017 -0400
Remove the length limit from write_http_status_line
Fixes bug 23908; bugfix on 0.3.1.6-rc when we made the keypin failure message really long.
Backport from 0.3.2's 771fb7e7baa789c55ba15c4c26c8a4889ff9fe8d, where arma said "get rid of the scary 256-byte-buf landmine". --- changes/bug23908 | 3 +++ src/or/directory.c | 10 ++++------ 2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/changes/bug23908 b/changes/bug23908 new file mode 100644 index 000000000..f641b66bb --- /dev/null +++ b/changes/bug23908 @@ -0,0 +1,3 @@ + o Minor bugfixes (directory authority, backport from 0.3.2.1-alpha): + - Remove the length limit on HTTP status lines that authorities can send + in their replies. Fixes bug 23499; bugfix on 0.3.1.6-rc. diff --git a/src/or/directory.c b/src/or/directory.c index 45fbd1dd3..bef65d349 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -3282,14 +3282,12 @@ static void write_http_status_line(dir_connection_t *conn, int status, const char *reason_phrase) { - char buf[256]; - if (tor_snprintf(buf, sizeof(buf), "HTTP/1.0 %d %s\r\n\r\n", - status, reason_phrase ? reason_phrase : "OK") < 0) { - log_warn(LD_BUG,"status line too long."); - return; - } + char *buf = NULL; + tor_asprintf(&buf, "HTTP/1.0 %d %s\r\n\r\n", + status, reason_phrase ? reason_phrase : "OK"); log_debug(LD_DIRSERV,"Wrote status 'HTTP/1.0 %d %s'", status, reason_phrase); connection_write_to_buf(buf, strlen(buf), TO_CONN(conn)); + tor_free(buf); }
/** Write the header for an HTTP/1.0 response onto <b>conn</b>->outbuf,