r17611@catbus: nickm | 2008-01-14 13:44:16 -0500

 add some missing checks for failing return values.


svn:r13130

9 files changed, 56 insertions, 19 deletions

diff --git a/ChangeLog b/ChangeLog
index 3d92b226c3..e8eea19b2c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -44,6 +44,7 @@ Changes in version 0.2.0.16-alpha - 2008-01-??
       to check our fallback consensus.  Fixes bug 583.
     - Make bridges round geoip info up, not down.
     - Avoid a spurious free on base64 failure.  Bugfix on 0.1.2.
+    - Detect more kinds of possible internal error.
 
   o Minor features (controller):
     - Get NS events working again.  (Patch from tup)
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index c28e4c8652..4f57922160 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -2617,7 +2617,7 @@ entry_guards_parse_state(or_state_t *state, int set, char **msg)
       }
       if (strlen(line->value) >= ISO_TIME_LEN+ISO_TIME_LEN+1) {
         /* ignore failure */
-        parse_iso_time(line->value+ISO_TIME_LEN+1, &last_try);
+        (void) parse_iso_time(line->value+ISO_TIME_LEN+1, &last_try);
       }
       if (!strcasecmp(line->key, "EntryGuardDownSince")) {
         node->unreachable_since = when;
diff --git a/src/or/config.c b/src/or/config.c
index 40209130f5..b09e3c3191 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -835,8 +835,12 @@ add_default_trusted_dir_authorities(authority_type_t type)
       "88.198.7.215:80 6833 3D07 61BC F397 A587 A0C0 B963 E4A9 E99E C4D3",
     NULL
   };
-  for (i=0; dirservers[i]; i++)
-    parse_dir_server_line(dirservers[i], type, 0);
+  for (i=0; dirservers[i]; i++) {
+    if (parse_dir_server_line(dirservers[i], type, 0)<0) {
+      log_err(LD_BUG, "Couldn't parse internal dirserver line %s",
+              dirservers[i]);
+    }
+  }
 }
 
 /** Look at all the config options for using alternate directory
diff --git a/src/or/control.c b/src/or/control.c
index 9e28e06ffe..d216339b30 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -1500,9 +1500,9 @@ getinfo_helper_dir(control_connection_t *control_conn,
     question += strlen("extra-info/digest/");
     if (strlen(question) == HEX_DIGEST_LEN) {
       char d[DIGEST_LEN];
-      signed_descriptor_t *sd;
-      base16_decode(d, sizeof(d), question, strlen(question));
-      sd = extrainfo_get_by_descriptor_digest(d);
+      signed_descriptor_t *sd = NULL;
+      if (base16_decode(d, sizeof(d), question, strlen(question))==0)
+        sd = extrainfo_get_by_descriptor_digest(d);
       if (sd) {
         const char *body = signed_descriptor_get_body(sd);
         if (body)
diff --git a/src/or/directory.c b/src/or/directory.c
index bff5161c5c..6e5c82bd79 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -2959,7 +2959,11 @@ dir_networkstatus_download_failed(smartlist_t *failed, int status_code)
   {
     char digest[DIGEST_LEN];
     trusted_dir_server_t *dir;
-    base16_decode(digest, DIGEST_LEN, fp, strlen(fp));
+    if (base16_decode(digest, DIGEST_LEN, fp, strlen(fp))<0) {
+      log_warn(LD_BUG, "Called with bad fingerprint in list: %s",
+               escaped(fp));
+      continue;
+    }
     dir = router_get_trusteddirserver_by_digest(digest);
 
     if (dir)
@@ -3070,7 +3074,11 @@ dir_routerdesc_download_failed(smartlist_t *failed, int status_code,
       tor_assert(!was_extrainfo); /* not supported yet */
       SMARTLIST_FOREACH(failed, const char *, cp,
       {
-        base16_decode(digest, DIGEST_LEN, cp, strlen(cp));
+        if (base16_decode(digest, DIGEST_LEN, cp, strlen(cp))<0) {
+          log_warn(LD_BUG, "Malformed fingerprint in list: %s",
+                   escaped(cp));
+          continue;
+        }
         retry_bridge_descriptor_fetch_directly(digest);
       });
     }
@@ -3079,7 +3087,10 @@ dir_routerdesc_download_failed(smartlist_t *failed, int status_code,
   SMARTLIST_FOREACH(failed, const char *, cp,
   {
     download_status_t *dls = NULL;
-    base16_decode(digest, DIGEST_LEN, cp, strlen(cp));
+    if (base16_decode(digest, DIGEST_LEN, cp, strlen(cp)) < 0) {
+      log_warn(LD_BUG, "Malformed fingerprint in list: %s", escaped(cp));
+      continue;
+    }
     if (was_extrainfo) {
       signed_descriptor_t *sd =
         router_get_by_extrainfo_digest(digest);
diff --git a/src/or/dns.c b/src/or/dns.c
index b4b86502fb..79af4f0607 100644
--- a/src/or/dns.c
+++ b/src/or/dns.c
@@ -1458,8 +1458,11 @@ launch_test_addresses(int fd, short event, void *args)
     return;
   SMARTLIST_FOREACH(options->ServerDNSTestAddresses, const char *, address,
     {
-      evdns_resolve_ipv4(address, DNS_QUERY_NO_SEARCH, evdns_callback,
-                         tor_strdup(address));
+      int r = evdns_resolve_ipv4(address, DNS_QUERY_NO_SEARCH, evdns_callback,
+                                 tor_strdup(address));
+      if (r)
+        log_info(LD_EXIT, "eventdns rejected test address %s: error %d",
+                 escaped_safe_str(address), r);
     });
 }
 
@@ -1512,7 +1515,9 @@ dns_launch_correctness_checks(void)
   evtimer_set(&launch_event, launch_test_addresses, NULL);
   timeout.tv_sec = 30;
   timeout.tv_usec = 0;
-  evtimer_add(&launch_event, &timeout);
+  if (evtimer_add(&launch_event, &timeout)<0) {
+    log_warn(LD_BUG, "Couldn't add timer for checking for dns hijacking");
+  }
 }
 
 /** Return true iff our DNS servers lie to us too much to be trustd. */
diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c
index 25a545ecc1..2cc343dc30 100644
--- a/src/or/dnsserv.c
+++ b/src/or/dnsserv.c
@@ -130,7 +130,12 @@ evdns_server_callback(struct evdns_server_request *req, void *_data)
 
   conn->dns_server_request = req;
 
-  connection_add(TO_CONN(conn));
+  if (connection_add(TO_CONN(conn)) < 0) {
+    log_warn(LD_APP, "Couldn't register dummy connection for DNS request");
+    evdns_server_request_respond(req, DNS_ERR_SERVERFAILED);
+    connection_free(TO_CONN(conn));
+    return;
+  }
 
   control_event_stream_status(conn, STREAM_EVENT_NEW, 0);
 
@@ -171,7 +176,12 @@ dnsserv_launch_request(const char *name, int reverse)
   strlcpy(conn->socks_request->address, name,
           sizeof(conn->socks_request->address));
 
-  connection_add(TO_CONN(conn));
+  if (connection_add(TO_CONN(conn))<0) {
+    log_warn(LD_APP, "Couldn't register dummy connection for RESOLVE request");
+    evdns_server_request_respond(req, DNS_ERR_SERVERFAILED);
+    connection_free(TO_CONN(conn));
+    return;
+  }
 
   /* Now, throw the connection over to get rewritten (which will answer it
   * immediately if it's in the cache, or completely bogus, or automapped),
diff --git a/src/or/eventdns.c b/src/or/eventdns.c
index cfdfd0f037..d923d26cc1 100644
--- a/src/or/eventdns.c
+++ b/src/or/eventdns.c
@@ -1462,7 +1462,10 @@ evdns_add_server_port(int socket, int is_tcp, evdns_request_callback_fn_type cb,
 
 	event_set(&port->event, port->socket, EV_READ | EV_PERSIST,
 			  server_port_ready_callback, port);
-	event_add(&port->event, NULL); /* check return. */
+	if (event_add(&port->event, NULL)<0) {
+		free(port);
+		return NULL;
+	}
 	return port;
 }
 
diff --git a/src/or/policies.c b/src/or/policies.c
index f4b52e93dc..17d0f9c25c 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
@@ -332,11 +332,12 @@ static void
 load_policy_from_option(config_line_t *config, smartlist_t **policy,
                         int assume_action)
 {
+  int r;
   addr_policy_list_free(*policy);
   *policy = NULL;
-  parse_addr_policy(config, policy, assume_action);
-  if (!*policy)
-    return;
+  r = parse_addr_policy(config, policy, assume_action);
+  if (r < 0 || !*policy)
+    return; /* XXXX020 have an error return. */
   SMARTLIST_FOREACH(*policy, addr_policy_t *, n, {
       /* ports aren't used. */
       n->prt_min = 1;
@@ -598,7 +599,9 @@ append_exit_policy_string(smartlist_t **policy, const char *more)
   tmp.key = NULL;
   tmp.value = (char*) more;
   tmp.next = NULL;
-  parse_addr_policy(&tmp, policy, -1);
+  if (parse_addr_policy(&tmp, policy, -1)<0) {
+    log_warn(LD_BUG, "Unable to parse internally generated policy %s",more);
+  }
 }
 
 /** Detect and excise "dead code" from the policy *<b>dest</b>. */