aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2011-12-02 16:15:52 -0500
committerNick Mathewson <nickm@torproject.org>2011-12-02 16:15:52 -0500
commit6171bdd1056e3511b1842ac8a3e17aa349616075 (patch)
tree1d8b3f6ed477758475abb09467f72cf2f12e733b
parent2b5a0356047e7622c66e434cd8ac4a7689d4cc28 (diff)
downloadtor-6171bdd1056e3511b1842ac8a3e17aa349616075.tar.gz
tor-6171bdd1056e3511b1842ac8a3e17aa349616075.zip
Don't call tor_tls_set_logged_address till after checking conn->tls
Fixes bug 4531; partial backport of e27a26d5.
-rw-r--r--changes/bug45314
-rw-r--r--src/or/connection_or.c4
2 files changed, 6 insertions, 2 deletions
diff --git a/changes/bug4531 b/changes/bug4531
new file mode 100644
index 0000000000..6209f9a058
--- /dev/null
+++ b/changes/bug4531
@@ -0,0 +1,4 @@
+ o Major bugfixes:
+ - Fix null-pointer access that could occur if TLS allocation failed.
+ Fixes bug 4531; bugfix on 0.2.0.20-rc. Found by "troll_un".
+
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 1fffba7733..dc8850ea3f 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -871,12 +871,12 @@ connection_tls_start_handshake(or_connection_t *conn, int receiving)
{
conn->_base.state = OR_CONN_STATE_TLS_HANDSHAKING;
conn->tls = tor_tls_new(conn->_base.s, receiving);
- tor_tls_set_logged_address(conn->tls, // XXX client and relay?
- escaped_safe_str(conn->_base.address));
if (!conn->tls) {
log_warn(LD_BUG,"tor_tls_new failed. Closing.");
return -1;
}
+ tor_tls_set_logged_address(conn->tls, // XXX client and relay?
+ escaped_safe_str(conn->_base.address));
connection_start_reading(TO_CONN(conn));
log_debug(LD_HANDSHAKE,"starting TLS handshake on fd %d", conn->_base.s);
note_crypto_pk_op(receiving ? TLS_HANDSHAKE_S : TLS_HANDSHAKE_C);