commit 5ade2786050dcf07ee6491145add86da5c21739d Author: Nick Mathewson nickm@torproject.org Date: Wed Jul 11 09:57:58 2012 -0400
Check ewma_enabled before doing circ-has-become-inactive check
This avoids a possible crash bug in flush_from_first_active_circuit.
Fixes bug 6341; bugfix on 0.2.2.7-alpha.
Bug reported and fixed by a pseudonymous user on IRC.
---
 changes/bug6341 | 5 +++++
 src/or/relay.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/changes/bug6341 b/changes/bug6341
new file mode 100644
index 0000000..04e52c7
--- /dev/null
+++ b/changes/bug6341
@@ -0,0 +1,5 @@
+ o Major bugfixes:
+ - Fix a possible crash bug when checking for deactivated circuits
+ in connection_or_flush_from_first_active_circuit(). Fixes bug
+ 6341; bugfix on 0.2.2.7-alpha. Bug report and fix received
+ pseudonymously.
diff --git a/src/or/relay.c b/src/or/relay.c
index 3e418ea..b1913e7 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -2464,7 +2464,7 @@ connection_or_flush_from_first_active_circuit(or_connection_t *conn, int max,
 tor_assert(tmp == cell_ewma);
 add_cell_ewma_to_conn(conn, cell_ewma);
 }
- if (circ != conn->active_circuits) {
+ if (!ewma_enabled && circ != conn->active_circuits) {
 /* If this happens, the current circuit just got made inactive by
 * a call in connection_write_to_buf(). That's nothing to worry about:
 * circuit_make_inactive_on_conn() already advanced conn->active_circuits
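Review bot: With `ewma_enabled` set, the rewritten test `if (!ewma_enabled && circ != conn->active_circuits)` no longer detects a circuit that connection_write_to_buf() made inactive, so the code after this block runs without the early exit the comment describes. The hunk does not show how the EWMA path copes with that case, and the unchanged `tor_assert(tmp == cell_ewma)` just above would abort the process if the popped entry were not the expected one, so it is worth confirming that deactivation during the flush is handled in both modes. The retained comment also explains only what the inequality means, not why it is skipped under EWMA; I would extend it with something like `/* Only meaningful without EWMA: with EWMA on, circ need not be conn->active_circuits. */`, with the wording checked against how circ is selected. The function body starts and ends outside the hunk.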