commit 7ace8d5a61f75fb77e3619deed417edd5610a4f1 Author: Nick Mathewson <nickm@torproject.org> Date: Tue Sep 18 14:43:57 2018 -0400 Assert that some trunnel _new() functions return non-NULL The trunnel functions are written under the assumption that their allocators can fail, so GCC LTO thinks they might return NULL. In point of fact, they're using tor_malloc() and friends, which can't fail, but GCC won't necessarily figure that out. Fixes part of #27772. --- src/core/proto/proto_socks.c | 3 +++ src/feature/nodelist/torcert.c | 1 + src/lib/crypt_ops/crypto_pwbox.c | 1 + 3 files changed, 5 insertions(+) diff --git a/src/core/proto/proto_socks.c b/src/core/proto/proto_socks.c index ccf96f781..e2f233ad0 100644 --- a/src/core/proto/proto_socks.c +++ b/src/core/proto/proto_socks.c @@ -353,6 +353,7 @@ process_socks5_methods_request(socks_request_t *req, int have_user_pass, { socks_result_t res = SOCKS_RESULT_DONE; socks5_server_method_t *trunnel_resp = socks5_server_method_new(); + tor_assert(trunnel_resp); socks5_server_method_set_version(trunnel_resp, SOCKS_VER_5); @@ -478,6 +479,7 @@ process_socks5_userpass_auth(socks_request_t *req) socks_result_t res = SOCKS_RESULT_DONE; socks5_server_userpass_auth_t *trunnel_resp = socks5_server_userpass_auth_new(); + tor_assert(trunnel_resp); if (req->socks_version != SOCKS_VER_5) { res = SOCKS_RESULT_INVALID; @@ -869,6 +871,7 @@ socks_request_set_socks5_error(socks_request_t *req, socks5_reply_status_t reason) { socks5_server_reply_t *trunnel_resp = socks5_server_reply_new(); + tor_assert(trunnel_resp); socks5_server_reply_set_version(trunnel_resp, SOCKS_VER_5); socks5_server_reply_set_reply(trunnel_resp, reason); diff --git a/src/feature/nodelist/torcert.c b/src/feature/nodelist/torcert.c index fe67e5640..f31e8ed77 100644 --- a/src/feature/nodelist/torcert.c +++ b/src/feature/nodelist/torcert.c @@ -51,6 +51,7 @@ tor_cert_sign_impl(const ed25519_keypair_t *signing_key, tor_cert_t *torcert = NULL; ed25519_cert_t *cert = ed25519_cert_new(); + tor_assert(cert); // Trunnel's new functions can return NULL. cert->cert_type = cert_type; cert->exp_field = (uint32_t) CEIL_DIV(now + lifetime, 3600); cert->cert_key_type = signed_key_type; diff --git a/src/lib/crypt_ops/crypto_pwbox.c b/src/lib/crypt_ops/crypto_pwbox.c index 2377f216a..91536e891 100644 --- a/src/lib/crypt_ops/crypto_pwbox.c +++ b/src/lib/crypt_ops/crypto_pwbox.c @@ -61,6 +61,7 @@ crypto_pwbox(uint8_t **out, size_t *outlen_out, int rv; enc = pwbox_encoded_new(); + tor_assert(enc); pwbox_encoded_setlen_skey_header(enc, S2K_MAXLEN);