aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2008-02-20 16:57:39 +0000
committerNick Mathewson <nickm@torproject.org>2008-02-20 16:57:39 +0000
commitcefe0a1959bb62fb36170dc3ff8c15b9971bb822 (patch)
tree2e47bfe6783aefbb687e99c524ab39f3c0f1fe9e
parent1c8bd320beed5379ab3b755d41cb2fd051858a67 (diff)
downloadtor-cefe0a1959bb62fb36170dc3ff8c15b9971bb822.tar.gz
tor-cefe0a1959bb62fb36170dc3ff8c15b9971bb822.zip
r18255@catbus: nickm | 2008-02-20 11:44:55 -0500
Add asserts and refactor some comparisons in order to fix some veracode-identified issues. Note a bug in buffers.c svn:r13618
-rw-r--r--src/or/buffers.c6
-rw-r--r--src/or/dirvote.c5
-rw-r--r--src/or/routerparse.c4
3 files changed, 11 insertions, 4 deletions
diff --git a/src/or/buffers.c b/src/or/buffers.c
index f67f44cb6a..13fda0fb55 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -1019,8 +1019,10 @@ static int
buf_find_pos_of_char(char ch, buf_pos_t *out)
{
const chunk_t *chunk;
- int offset = 0;
- int pos = out->pos;
+ int offset = 0; /*XXXX020 should this be pos_absolute? Otherwise, bug. */
+ int pos;
+ tor_assert(out && out->chunk && out->pos < (int)out->chunk->datalen);
+ pos = out->pos;
for (chunk = out->chunk; chunk; chunk = chunk->next) {
char *cp = memchr(chunk->data+pos, ch, chunk->datalen-pos);
if (cp) {
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index e2ff5723ac..1455418a88 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -1787,16 +1787,17 @@ dirvote_add_signatures_to_pending_consensus(
char *new_detached =
networkstatus_get_detached_signatures(pending_consensus);
const char *src;
- char *dst;
+ char *dst, *dst_end;
size_t new_consensus_len =
strlen(pending_consensus_body) + strlen(new_detached) + 1;
pending_consensus_body = tor_realloc(pending_consensus_body,
new_consensus_len);
+ dst_end = pending_consensus_body + new_consensus_len;
dst = strstr(pending_consensus_body, "directory-signature ");
tor_assert(dst);
src = strstr(new_detached, "directory-signature ");
tor_assert(src);
- strlcpy(dst, src, new_consensus_len - (dst-pending_consensus_body));
+ strlcpy(dst, src, dst_end-dst);
/* We remove this block once it has failed to crash for a while. But
* unless it shows up in profiles, we're probably better leaving it in,
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 123ea32bc1..2a897f55cc 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -2704,6 +2704,7 @@ get_next_token(const char **s, const char *eos, token_rule_t *table)
/* Set *s to first token, eol to end-of-line, next to after first token */
*s = eat_whitespace_eos(*s, eos); /* eat multi-line whitespace */
+ tor_assert(eos >= *s);
eol = memchr(*s, '\n', eos-*s);
if (!eol)
eol = eos;
@@ -2775,11 +2776,13 @@ get_next_token(const char **s, const char *eos, token_rule_t *table)
/* Check whether there's an object present */
*s = eat_whitespace_eos(eol, eos); /* Scan from end of first line */
+ tor_assert(eos >= *s);
eol = memchr(*s, '\n', eos-*s);
if (!eol || eol-*s<11 || strcmpstart(*s, "-----BEGIN ")) /* No object. */
goto check_object;
obstart = *s; /* Set obstart to start of object spec */
+ tor_assert(eol >= (*s+16));
if (*s+11 >= eol-5 || memchr(*s+11,'\0',eol-*s-16) || /* no short lines, */
strcmp_len(eol-5, "-----", 5)) { /* nuls or invalid endings */
RET_ERR("Malformed object: bad begin line");
@@ -2793,6 +2796,7 @@ get_next_token(const char **s, const char *eos, token_rule_t *table)
if (!next) {
RET_ERR("Malformed object: missing object end line");
}
+ tor_assert(eos >= next);
eol = memchr(next, '\n', eos-next);
if (!eol) /* end-of-line marker, or eos if there's no '\n' */
eol = eos;