[tor-commits] [tor/master] buf_read_from_tls: Return ERROR_MISC, not WANTWRITE, on BUG().

[nickm at torproject.org]

commit 2985a6018f1123b8843023f09d004f477f59a009
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed Jan 29 08:49:01 2020 -0500

    buf_read_from_tls: Return ERROR_MISC, not WANTWRITE, on BUG().
    
    Fixes bug 32673; bugfix on 0.3.0.4-alpha.  We introduced these
    checks in ee5471f9aab5526 to help diagnose 21369, but we used "-1"
    when "TOR_TLS_ERROR_MISC" would have been correct.  Found by opara.
    
    I don't think that this is actually getting triggered in the wild,
    but if it were, it could cause nasty behavior: spurious
    WANTREAD/WANTWRITE returns have a way of turning into CPU-eating
    busy-loops.
---
 changes/bug32673          | 5 +++++
 src/lib/tls/buffers_tls.c | 4 ++--
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/changes/bug32673 b/changes/bug32673
new file mode 100644
index 000000000..32f02c639
--- /dev/null
+++ b/changes/bug32673
@@ -0,0 +1,5 @@
+  o Minor bugfixes (TLS bug handling):
+    - When encountering a bug in buf_read_freom_tls(), return a
+      "MISC" error code rather than "WANTWRITE".  This change might
+      help avoid some CPU-wasting loops if the bug is ever triggered.
+      Bug reported by opara.    Fixes bug 32673; bugfix on 0.3.0.4-alpha.
diff --git a/src/lib/tls/buffers_tls.c b/src/lib/tls/buffers_tls.c
index e92cb9163..52be78811 100644
--- a/src/lib/tls/buffers_tls.c
+++ b/src/lib/tls/buffers_tls.c
@@ -69,9 +69,9 @@ buf_read_from_tls(buf_t *buf, tor_tls_t *tls, size_t at_most)
   check_no_tls_errors();
 
   IF_BUG_ONCE(buf->datalen >= INT_MAX)
-    return -1;
+    return TOR_TLS_ERROR_MISC;
   IF_BUG_ONCE(buf->datalen >= INT_MAX - at_most)
-    return -1;
+    return TOR_TLS_ERROR_MISC;
 
   while (at_most > total_read) {
     size_t readlen = at_most - total_read;