commit 446e481c90666235bc184cdad6a8578b79fa258e Author: Nick Mathewson nickm@torproject.org Date: Thu Aug 21 11:09:40 2014 -0400
Check for duplicate arguments to tor-gencert
Found by coverity, which noticed that if you said tor-gencert -i identity1 -i identity2 we would leak "identity1".
[CID 1198201, 1198202, 1198203] --- changes/check_dup_args_gencert | 3 +++ src/tools/tor-gencert.c | 12 ++++++++++++ 2 files changed, 15 insertions(+)
diff --git a/changes/check_dup_args_gencert b/changes/check_dup_args_gencert new file mode 100644 index 0000000..d0925df --- /dev/null +++ b/changes/check_dup_args_gencert @@ -0,0 +1,3 @@ + o Minor features: + - In tor-gencert, report an error if the user provides the same + argument more than once. diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c index e799df5..fae26ef 100644 --- a/src/tools/tor-gencert.c +++ b/src/tools/tor-gencert.c @@ -134,18 +134,30 @@ parse_commandline(int argc, char **argv) fprintf(stderr, "No argument to -i\n"); return 1; } + if (identity_key_file) { + fprintf(stderr, "Duplicate values for -i\n"); + return -1; + } identity_key_file = tor_strdup(argv[++i]); } else if (!strcmp(argv[i], "-s")) { if (i+1>=argc) { fprintf(stderr, "No argument to -s\n"); return 1; } + if (signing_key_file) { + fprintf(stderr, "Duplicate values for -s\n"); + return -1; + } signing_key_file = tor_strdup(argv[++i]); } else if (!strcmp(argv[i], "-c")) { if (i+1>=argc) { fprintf(stderr, "No argument to -c\n"); return 1; } + if (certificate_file) { + fprintf(stderr, "Duplicate values for -c\n"); + return -1; + } certificate_file = tor_strdup(argv[++i]); } else if (!strcmp(argv[i], "-m")) { if (i+1>=argc) {