[tor-commits] [tor/release-0.3.3] Add a paranoia check in string_is_valid_nonrfc_hostname()

nickm at torproject.org nickm at torproject.org
Wed Mar 28 11:50:56 UTC 2018


commit d4bf1f6c8eb08c39def69c839515afe475bf0a6b
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed Mar 28 07:48:18 2018 -0400

    Add a paranoia check in string_is_valid_nonrfc_hostname()
    
    The earlier checks in this function should ensure that components is
    always nonempty.  But in case somebody messes with them in the
    future, let's add an extra check to make sure we aren't crashing.
---
 src/common/util.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/common/util.c b/src/common/util.c
index 90aaf0ebe..a68fd30d0 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -1125,6 +1125,9 @@ string_is_valid_nonrfc_hostname(const char *string)
 
   smartlist_split_string(components,string,".",0,0);
 
+  if (BUG(smartlist_len(components) == 0))
+    return 0; // LCOV_EXCL_LINE should be impossible given the earlier checks.
+
   /* Allow a single terminating '.' used rarely to indicate domains
    * are FQDNs rather than relative. */
   last_label = (char *)smartlist_get(components,





More information about the tor-commits mailing list