[tor-commits] [tor/release-0.2.3] Defensive programming: clear rs_out between iterations.
arma at torproject.org
arma at torproject.org
Tue Sep 4 23:06:54 UTC 2012
commit 2d6d5db2fe4f8a4538c5bed903f7e1576e9eea40
Author: Nick Mathewson <nickm at torproject.org>
Date: Wed Aug 1 17:25:34 2012 -0400
Defensive programming: clear rs_out between iterations.
I can't currently find a bug here, but there are a couple of
near-misses. Addresses ticket 6514; reported pseudonymously on
IRC.
---
changes/bug6514 | 5 +++++
src/or/dirvote.c | 1 +
2 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/changes/bug6514 b/changes/bug6514
new file mode 100644
index 0000000..84633bd
--- /dev/null
+++ b/changes/bug6514
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+ - Add a (probably redundant) memory clear between iterations of
+ the router status voting loop, to prevent future coding errors
+ where data might leak between iterations of the loop. Resolves
+ ticket 6514.
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 7995873..bc77973 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -1752,6 +1752,7 @@ networkstatus_compute_consensus(smartlist_t *votes,
rs = compute_routerstatus_consensus(matching_descs, consensus_method,
microdesc_digest);
/* Copy bits of that into rs_out. */
+ memset(&rs_out, 0, sizeof(rs_out));
tor_assert(fast_memeq(lowest_id, rs->status.identity_digest,DIGEST_LEN));
memcpy(rs_out.identity_digest, lowest_id, DIGEST_LEN);
memcpy(rs_out.descriptor_digest, rs->status.descriptor_digest,
More information about the tor-commits
mailing list