commit b4963da987f0b374a2bbfd866e1a36358b1e750f Author: Nick Mathewson nickm@torproject.org Date: Wed Aug 9 10:55:30 2017 -0400
Treat a bad tor_spawn_background() as a BUG().
The contract is that, if may_spawn_background_process() is 0, you're not even allowed to try to spawn a process. --- src/common/util.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/common/util.c b/src/common/util.c index 18108fc24..eff678d6a 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -4180,8 +4180,11 @@ tor_spawn_background(const char *const filename, const char **argv, process_environment_t *env, process_handle_t **process_handle_out) { - if (may_spawn_background_process == 0) + if (BUG(may_spawn_background_process == 0)) { + /* We should never reach this point if we're forbidden to spawn + * processes. Instead we should have caught the attempt earlier. */ return PROCESS_STATUS_ERROR; + }
#ifdef _WIN32 HANDLE stdout_pipe_read = NULL;