author | Tobias Stoeckmann <tobias@stoeckmann.org> | 2019-07-10 20:39:57 +0200 |
---|---|---|
committer | Alexander Færøy <ahf@torproject.org> | 2019-10-16 17:56:12 +0200 |
commit | d91ad5112e91bfed59bebb657feacac64d34494f (patch) | |
tree | 9699c3d10deecbdeec267354a5942d712e2ba2a3 | |
parent | 1b66668e26764c98d4e5348947a35c1d8ae9f92b (diff) | |
Check tor_vasprintf for error return values.
In case of error, a negative value will be returned or NULL written into
the first supplied argument.
This patch uses both cases to comply with style in the specific files.
A tor_vasprintf error in process_vprintf would lead to a NULL dereference
later on in buf_add, because the return value -1 cast to size_t would
pass an assertion check inside of buf_add.
On the other hand, common systems will fail on such an operation, so it
is not a huge difference to a simple assertion. Yet it is better to
properly fail instead of relying on such behaviour on all systems.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
-rw-r--r-- | src/feature/control/control_events.c | 5 | ||||
-rw-r--r-- | src/lib/buf/buffers.c | 1 | ||||
-rw-r--r-- | src/lib/process/process.c | 1 |
3 files changed, 6 insertions, 1 deletions
diff --git a/src/feature/control/control_events.c b/src/feature/control/control_events.c
index 82ea943999..00659c0477 100644
--- a/src/feature/control/control_events.c
+++ b/src/feature/control/control_events.c
@@ -1653,7 +1653,10 @@ control_event_status(int type, int severity, const char *format, va_list args)
 log_warn(LD_BUG, "Format string too long.");
 return -1;
 }
- tor_vasprintf(&user_buf, format, args);
+ if (tor_vasprintf(&user_buf, format, args)<0) {
+ log_warn(LD_BUG, "Failed to create user buffer.");
+ return -1;
+ }
 send_control_event(type, "%s %s\r\n", format_buf, user_buf);
 tor_free(user_buf);
diff --git a/src/lib/buf/buffers.c b/src/lib/buf/buffers.c
index 4d026bd37d..452bf74376 100644
--- a/src/lib/buf/buffers.c
+++ b/src/lib/buf/buffers.c
@@ -578,6 +578,7 @@ buf_add_vprintf(buf_t *buf, const char *format, va_list args)
 /* XXXX Faster implementations are easy enough, but let's optimize later */
 char *tmp;
 tor_vasprintf(&tmp, format, args);
+ tor_assert(tmp != NULL);
 buf_add(buf, tmp, strlen(tmp));
 tor_free(tmp);
 }
diff --git a/src/lib/process/process.c b/src/lib/process/process.c
index 2194a603ff..b01c99992c 100644
--- a/src/lib/process/process.c
+++ b/src/lib/process/process.c
@@ -550,6 +550,7 @@ process_vprintf(process_t *process,
 char *data;
 size = tor_vasprintf(&data, format, args);
+ tor_assert(data != NULL);
 process_write(process, (uint8_t *)data, size);
 tor_free(data);
 } |
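Review bot: In buf_add_vprintf (src/lib/buf/buffers.c) the return value of tor_vasprintf is still discarded, so the added `tor_assert(tmp != NULL);` is the only failure check and the length is then recomputed with `strlen(tmp)`. Capturing the result would let the guard and the length come from the same value: `int len = tor_vasprintf(&tmp, format, args);`, `tor_assert(len >= 0);`, `buf_add(buf, tmp, (size_t)len);`. The assertion also turns a formatting or allocation failure into a process abort, unlike the log-and-return path added in control_events.c. If that is deliberate because the function has no way to report an error to its caller (its return type is outside the hunk, so this is inferred), a one-line comment such as `/* No error return available; a failed format is treated as a bug. */` would record the decision.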
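Review bot: In process_vprintf (src/lib/process/process.c) the added `tor_assert(data != NULL);` guards the pointer, but the value handed to `process_write` as the length is `size`, which stays unchecked. The commit message describes the hazard as a -1 return being converted to size_t, so asserting on the return value states that invariant directly: `tor_assert(size >= 0);` alongside the pointer check. The conversion can then be made explicit with `process_write(process, (uint8_t *)data, (size_t)size);`, assuming the length parameter is a size_t. The declaration of `size` and the start of the function are outside the hunk, so its signed type is inferred from the commit message.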