[or-cvs] r11335: Backport: Check correct circuit type when calling functions (in tor/branches/tor-0_1_2-patches: . src/or)
nickm at seul.org
nickm at seul.org
Fri Aug 31 14:20:41 UTC 2007
Author: nickm
Date: 2007-08-31 10:20:41 -0400 (Fri, 31 Aug 2007)
New Revision: 11335
Modified:
tor/branches/tor-0_1_2-patches/
tor/branches/tor-0_1_2-patches/ChangeLog
tor/branches/tor-0_1_2-patches/src/or/rendcommon.c
Log:
r14875 at catbus: nickm | 2007-08-31 10:18:11 -0400
Backport: Check correct circuit type when calling functions from rend_process_relay_cell.
Property changes on: tor/branches/tor-0_1_2-patches
___________________________________________________________________
svk:merge ticket from /tor/012 [r14875] on 8246c3cf-6607-4228-993b-4d95d33730f1
Modified: tor/branches/tor-0_1_2-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_1_2-patches/ChangeLog 2007-08-31 14:20:38 UTC (rev 11334)
+++ tor/branches/tor-0_1_2-patches/ChangeLog 2007-08-31 14:20:41 UTC (rev 11335)
@@ -1,3 +1,9 @@
+Changes in version 0.1.2.18 - 2007-??-??
+ o Major bugfixes:
+ - Fix possible segfaults in functions called from
+ rend_process_relay_cell().
+
+
Changes in version 0.1.2.17 - 2007-08-30
o Major bugfixes (security):
- We removed support for the old (v0) control protocol. It has been
Modified: tor/branches/tor-0_1_2-patches/src/or/rendcommon.c
===================================================================
--- tor/branches/tor-0_1_2-patches/src/or/rendcommon.c 2007-08-31 14:20:38 UTC (rev 11334)
+++ tor/branches/tor-0_1_2-patches/src/or/rendcommon.c 2007-08-31 14:20:41 UTC (rev 11335)
@@ -436,7 +436,7 @@
{
or_circuit_t *or_circ = NULL;
origin_circuit_t *origin_circ = NULL;
- int r;
+ int r=0;
if (CIRCUIT_IS_ORIGIN(circ))
origin_circ = TO_ORIGIN_CIRCUIT(circ);
else
@@ -444,31 +444,40 @@
switch (command) {
case RELAY_COMMAND_ESTABLISH_INTRO:
- r = rend_mid_establish_intro(or_circ,payload,length);
+ if (or_circ)
+ r = rend_mid_establish_intro(or_circ,payload,length);
break;
case RELAY_COMMAND_ESTABLISH_RENDEZVOUS:
- r = rend_mid_establish_rendezvous(or_circ,payload,length);
+ if (or_circ)
+ r = rend_mid_establish_rendezvous(or_circ,payload,length);
break;
case RELAY_COMMAND_INTRODUCE1:
- r = rend_mid_introduce(or_circ,payload,length);
+ if (or_circ)
+ r = rend_mid_introduce(or_circ,payload,length);
break;
case RELAY_COMMAND_INTRODUCE2:
- r = rend_service_introduce(origin_circ,payload,length);
+ if (origin_circ)
+ r = rend_service_introduce(origin_circ,payload,length);
break;
case RELAY_COMMAND_INTRODUCE_ACK:
- r = rend_client_introduction_acked(origin_circ,payload,length);
+ if (origin_circ)
+ r = rend_client_introduction_acked(origin_circ,payload,length);
break;
case RELAY_COMMAND_RENDEZVOUS1:
- r = rend_mid_rendezvous(or_circ,payload,length);
+ if (or_circ)
+ r = rend_mid_rendezvous(or_circ,payload,length);
break;
case RELAY_COMMAND_RENDEZVOUS2:
- r = rend_client_receive_rendezvous(origin_circ,payload,length);
+ if (origin_circ)
+ r = rend_client_receive_rendezvous(origin_circ,payload,length);
break;
case RELAY_COMMAND_INTRO_ESTABLISHED:
- r = rend_service_intro_established(origin_circ,payload,length);
+ if (origin_circ)
+ r = rend_service_intro_established(origin_circ,payload,length);
break;
case RELAY_COMMAND_RENDEZVOUS_ESTABLISHED:
- r = rend_client_rendezvous_acked(origin_circ,payload,length);
+ if (origin_circ)
+ r = rend_client_rendezvous_acked(origin_circ,payload,length);
break;
default:
tor_assert(0);
More information about the tor-commits
mailing list