diff options
author | Nick Mathewson <nickm@torproject.org> | 2014-11-06 13:57:17 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2014-11-06 13:57:17 -0500 |
commit | 634434514059256235d329d9430f91fb31044fd9 (patch) | |
tree | 22effa6b06cc5f58400bd69472187236b91d9f29 | |
parent | 68af1e7e9be8bef82b4574ac0934310af71a764b (diff) | |
download | tor-634434514059256235d329d9430f91fb31044fd9.tar.gz tor-634434514059256235d329d9430f91fb31044fd9.zip |
Add correctness assertions for hashtable iteration
This is meant to prevent memory corruption bugs from doing
unspeakable infinite-loop-like things to the hashtables. Addresses
ticket 11737. We should disable these if they turn out to be
expensive.
-rw-r--r-- | changes/ticket11737 | 4 | ||||
-rw-r--r-- | src/ext/ht.h | 24 |
2 files changed, 24 insertions, 4 deletions
diff --git a/changes/ticket11737 b/changes/ticket11737 new file mode 100644 index 0000000000..5c5f9dc6ed --- /dev/null +++ b/changes/ticket11737 @@ -0,0 +1,4 @@ + o Minor features: + - Prevent bugs from causing infinite loops in our hash-table + iteration code by adding assertions that cached hash values have + not been corrupted. Closes ticket 11737. diff --git a/src/ext/ht.h b/src/ext/ht.h index 09f5dcccd5..ee64e557f4 100644 --- a/src/ext/ht.h +++ b/src/ext/ht.h @@ -121,16 +121,24 @@ ht_string_hash(const char *s) ((void)0) #endif +#define HT_BUCKET_NUM_(head, field, elm, hashfn) \ + (HT_ELT_HASH_(elm,field,hashfn) % head->hth_table_length) + /* Helper: alias for the bucket containing 'elm'. */ #define HT_BUCKET_(head, field, elm, hashfn) \ - ((head)->hth_table[HT_ELT_HASH_(elm,field,hashfn) \ - % head->hth_table_length]) + ((head)->hth_table[HT_BUCKET_NUM_(head, field, elm, hashfn)]) #define HT_FOREACH(x, name, head) \ for ((x) = HT_START(name, head); \ (x) != NULL; \ (x) = HT_NEXT(name, head, x)) +#ifndef HT_NDEBUG +#define HT_ASSERT_(x) tor_assert(x) +#else +#define HT_ASSERT_(x) (void)0 +#endif + #define HT_PROTOTYPE(name, type, field, hashfn, eqfn) \ int name##_HT_GROW(struct name *ht, unsigned min_capacity); \ void name##_HT_CLEAR(struct name *ht); \ @@ -257,8 +265,11 @@ ht_string_hash(const char *s) { \ unsigned b = 0; \ while (b < head->hth_table_length) { \ - if (head->hth_table[b]) \ + if (head->hth_table[b]) { \ + HT_ASSERT_(b == \ + HT_BUCKET_NUM_(head,field,head->hth_table[b],hashfn)); \ return &head->hth_table[b]; \ + } \ ++b; \ } \ return NULL; \ @@ -272,13 +283,18 @@ ht_string_hash(const char *s) name##_HT_NEXT(struct name *head, struct type **elm) \ { \ if ((*elm)->field.hte_next) { \ + HT_ASSERT_(HT_BUCKET_NUM_(head,field,*elm,hashfn) == \ + HT_BUCKET_NUM_(head,field,(*elm)->field.hte_next,hashfn)); \ return &(*elm)->field.hte_next; \ } else { \ unsigned b = (HT_ELT_HASH_(*elm, field, hashfn) \ % head->hth_table_length)+1; \ while (b < head->hth_table_length) { \ - if (head->hth_table[b]) \ + if (head->hth_table[b]) { \ + HT_ASSERT_(b == \ + HT_BUCKET_NUM_(head,field,head->hth_table[b],hashfn)); \ return &head->hth_table[b]; \ + } \ ++b; \ } \ return NULL; \ |