diff options
author | cypherpunks <cypherpunks@torproject.org> | 2018-09-21 05:16:22 +0000 |
---|---|---|
committer | cypherpunks <cypherpunks@torproject.org> | 2018-09-21 05:16:22 +0000 |
commit | 42558df7c8affeec33e66d987ccf4d632a9d5466 (patch) | |
tree | a55eb3bd2c910d03bfcb423b1d27b6d2bb402b90 | |
parent | db89b4b1527103455e1bd85839a88d614a402354 (diff) | |
download | tor-42558df7c8affeec33e66d987ccf4d632a9d5466.tar.gz tor-42558df7c8affeec33e66d987ccf4d632a9d5466.zip |
rust/protover: return C-allocated string in protover_all_supported()
The result of CString::into_raw() is not safe to free
with free() except under finicky and fragile circumstances
that we definitely don't meet right now.
This was missed in be583a34a3815c2c10e86094ab0610e4b7f9c869.
-rw-r--r-- | changes/bug27740 | 4 | ||||
-rw-r--r-- | src/rust/protover/ffi.rs | 7 |
2 files changed, 5 insertions, 6 deletions
diff --git a/changes/bug27740 b/changes/bug27740 new file mode 100644 index 0000000000..76a17b7dda --- /dev/null +++ b/changes/bug27740 @@ -0,0 +1,4 @@ + o Minor bugfixes (rust): + - Return a string that can be safely freed by C code, not one created by + the rust allocator, in protover_all_supported(). Fixes bug 27740; bugfix + on 0.3.3.1-alpha. diff --git a/src/rust/protover/ffi.rs b/src/rust/protover/ffi.rs index ca9a504fe1..8ab11842d1 100644 --- a/src/rust/protover/ffi.rs +++ b/src/rust/protover/ffi.rs @@ -71,12 +71,7 @@ pub extern "C" fn protover_all_supported( if missing_out.is_null() { return 0; } - let c_unsupported: CString = match CString::new(unsupported.to_string()) { - Ok(n) => n, - Err(_) => return 1, - }; - - let ptr = c_unsupported.into_raw(); + let ptr = allocate_and_copy_string(&unsupported.to_string()); unsafe { *missing_out = ptr }; return 0; |