[tor-bugs] #7472 [Tor]: Audit all calls to connection_mark_for_close()
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Nov 14 04:39:22 UTC 2012
#7472: Audit all calls to connection_mark_for_close()
--------------------+-------------------------------------------------------
Reporter: andrea | Owner: andrea
Type: task | Status: new
Priority: normal | Milestone: Tor: 0.2.4.x-final
Component: Tor | Version: Tor: 0.2.4.5-alpha
Keywords: | Parent:
Points: | Actualpoints:
--------------------+-------------------------------------------------------
Comment(by andrea):
I've attached my analysis of all occurrences of
connection_mark_for_close(); the ones potentially meriting a closer look
are:
connection.c:2099: connection_mark_for_close(conn);
- This is in connection_mark_all_noncontrol_connections(), could be
an erroneous close of an orconn. What calls this?
connection.c:2804: connection_mark_for_close(linked);
- Also in connection_handle_read_impl(); tries to flush from linked conn
and then connection_flushed_some() fails. Could possibly be an orconn
(when do linked conns get created?); comments suggest this case might
be
a can't-happen, though.
connection.c:3051: connection_mark_for_close(conn);
- This is in connection_handle_read_cb(), and gets called if
connection_process_inbuf() fails; could be an orconn?
Comment suggests this might be a can't-happen.
connection.c:3063: connection_mark_for_close(conn);
- This is closely parallel to the above case, but in the
connection_handle_write_cb() function.
connection.c:3120: connection_mark_for_close(conn);
- This is the error-handling case in connection_handle_event_cb(); if the
error is during connect and conn is an orconn it will call
connection_or_connect_failed(), but it looks like it probably should
handle
other orconn cases.
connection.c:3270: connection_mark_for_close(conn);
- Error with getsockopt() in connection_handle_write_impl(); this
should probably call connection_or_notify_error() too if it's an
orconn.
connection.c:3391: connection_mark_for_close(conn);
- I *think* this case can't be an *active* orconn, but it might be worth
a
test here anyway. This one can only happen if
!(connection_speaks_cells(conn) && conn->state >
OR_CONN_STATE_PROXY_HANDSHAKING)
connection.c:3538: connection_mark_for_close(conn);
- Error in write_to_buf() or write_to_buf_zlib() from
connection_write_to_buf_impl_(); this should check for orconn, I think.
main.c:731: connection_mark_for_close(conn);
- This is conn_read_callback() when connection_handle_read() returns
an error; can this ever happen for an orconn?
main.c:769: connection_mark_for_close(conn);
- This is conn_write_callback() when connection_handle_write() returns
an error; can this ever happen for an orconn?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7472#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list