[or-cvs] r14077: Fix policy-related crash bug found by lodger. (in tor/trunk: . src/or)
nickm at seul.org
nickm at seul.org
Mon Mar 17 16:51:48 UTC 2008
Author: nickm
Date: 2008-03-17 12:51:48 -0400 (Mon, 17 Mar 2008)
New Revision: 14077
Modified:
tor/trunk/
tor/trunk/ChangeLog
tor/trunk/src/or/or.h
tor/trunk/src/or/policies.c
tor/trunk/src/or/test.c
Log:
r18880 at catbus: nickm | 2008-03-17 12:51:24 -0400
Fix policy-related crash bug found by lodger.
Property changes on: tor/trunk
___________________________________________________________________
svk:merge ticket from /tor/trunk [r18880] on 8246c3cf-6607-4228-993b-4d95d33730f1
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2008-03-17 13:33:59 UTC (rev 14076)
+++ tor/trunk/ChangeLog 2008-03-17 16:51:48 UTC (rev 14077)
@@ -29,6 +29,9 @@
- Detect mismatched page sizes when using --enable-openbsd-malloc.
Bugfix on 0.2.0.x.
- Stop giving double-close warn when we reject an address for client DNS.
+ - Make sure that the "NULL-means-reject *:*" convention is followed by
+ all the policy manipulation functions, avoiding some possible crash
+ bugs. Bug found by lodger. Bugfix on 0.2.0.16-alpha.
o Minor features:
- Allow separate log levels to be configured for different logging
Modified: tor/trunk/src/or/or.h
===================================================================
--- tor/trunk/src/or/or.h 2008-03-17 13:33:59 UTC (rev 14076)
+++ tor/trunk/src/or/or.h 2008-03-17 16:51:48 UTC (rev 14077)
@@ -1118,7 +1118,7 @@
ADDR_POLICY_REJECT=2,
} addr_policy_action_t;
-/** A linked list of policy rules */
+/** A reference-counted address policy rule. */
typedef struct addr_policy_t {
int refcnt; /**< Reference count */
addr_policy_action_t policy_type:2;/**< What to do when the policy matches.*/
Modified: tor/trunk/src/or/policies.c
===================================================================
--- tor/trunk/src/or/policies.c 2008-03-17 13:33:59 UTC (rev 14076)
+++ tor/trunk/src/or/policies.c 2008-03-17 16:51:48 UTC (rev 14077)
@@ -530,8 +530,11 @@
int match = 0;
int maybe = 0;
int i, len;
- len = policy ? smartlist_len(policy) : 0;
+ if (!policy)
+ return ADDR_POLICY_REJECTED;
+ len = smartlist_len(policy);
+
for (i = 0; i < len; ++i) {
addr_policy_t *tmpe = smartlist_get(policy, i);
maybe = 0;
@@ -764,6 +767,9 @@
static const int ports[] = { 80, 443, 6667 };
int n_allowed = 0;
int i;
+ if (!policy)
+ return 0;
+
for (i = 0; i < 3; ++i) {
SMARTLIST_FOREACH(policy, addr_policy_t *, p, {
if (p->prt_min > ports[i] || p->prt_max < ports[i])
@@ -787,6 +793,8 @@
int
policy_is_reject_star(smartlist_t *policy)
{
+ if (!policy)
+ return 1;
SMARTLIST_FOREACH(policy, addr_policy_t *, p, {
if (p->policy_type == ADDR_POLICY_ACCEPT)
return 0;
Modified: tor/trunk/src/or/test.c
===================================================================
--- tor/trunk/src/or/test.c 2008-03-17 13:33:59 UTC (rev 14076)
+++ tor/trunk/src/or/test.c 2008-03-17 16:51:48 UTC (rev 14077)
@@ -3034,6 +3034,8 @@
compare_addr_to_addr_policy(0, 2, policy));
test_assert(ADDR_POLICY_REJECTED ==
compare_addr_to_addr_policy(0xc0a80102, 2, policy));
+ test_assert(ADDR_POLICY_REJECTED ==
+ compare_addr_to_addr_policy(0x01020304u, 2, NULL));
policy2 = NULL;
test_assert(0 == policies_parse_exit_policy(NULL, &policy2, 1, NULL));
@@ -3041,12 +3043,16 @@
test_assert(!exit_policy_is_general_exit(policy));
test_assert(exit_policy_is_general_exit(policy2));
+ test_assert(!exit_policy_is_general_exit(NULL));
test_assert(cmp_addr_policies(policy, policy2));
+ test_assert(cmp_addr_policies(policy, NULL));
test_assert(!cmp_addr_policies(policy2, policy2));
+ test_assert(!cmp_addr_policies(NULL, NULL));
test_assert(!policy_is_reject_star(policy2));
test_assert(policy_is_reject_star(policy));
+ test_assert(policy_is_reject_star(NULL));
addr_policy_list_free(policy);
addr_policy_list_free(policy2);
More information about the tor-commits
mailing list