diff options
| author | Nick Mathewson <nickm@torproject.org> | 2008-03-17 16:52:01 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2008-03-17 16:52:01 +0000 |
| commit | 7f61a72111455c7c94976e4c322bee5f4b8a8bef (patch) | |
| tree | 0a1117473234a8436022d57ae22c83e41c0b4d6c | |
| parent | 7b3af83389a45808520caeb13d069bd9944e3161 (diff) | |
| download | tor-7f61a72111455c7c94976e4c322bee5f4b8a8bef.tar.gz tor-7f61a72111455c7c94976e4c322bee5f4b8a8bef.zip | |
r18881@catbus: nickm | 2008-03-17 12:51:33 -0400
Backport: Fix policy-related crash bug found by lodger.
svn:r14078
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | src/or/or.h | 2 | ||||
| -rw-r--r-- | src/or/policies.c | 10 | ||||
| -rw-r--r-- | src/or/test.c | 6 |
4 files changed, 19 insertions, 2 deletions
@@ -38,6 +38,9 @@ Changes in version 0.2.0.22-rc - 2008-03-17 - Avoid double-marked-for-close warning when certain kinds of invalid .in-addr.arpa addresses are passed to the DNSPort. Part of a fix for bug 617. Bugfix on 0.2.0.1-alpha. + - Make sure that the "NULL-means-reject *:*" convention is followed by + all the policy manipulation functions, avoiding some possible crash + bugs. Bug found by lodger. Bugfix on 0.2.0.16-alpha. o Minor features: - Only log guard node status when guard node status has changed. diff --git a/src/or/or.h b/src/or/or.h index 4f30f58203..a8a7898523 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1118,7 +1118,7 @@ typedef enum { ADDR_POLICY_REJECT=2, } addr_policy_action_t; -/** A linked list of policy rules */ +/** A reference-counted address policy rule. */ typedef struct addr_policy_t { int refcnt; /**< Reference count */ addr_policy_action_t policy_type:2;/**< What to do when the policy matches.*/ diff --git a/src/or/policies.c b/src/or/policies.c index 882540edca..20c1fb9186 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -530,7 +530,10 @@ compare_addr_to_addr_policy(uint32_t addr, uint16_t port, int match = 0; int maybe = 0; int i, len; - len = policy ? smartlist_len(policy) : 0; + if (!policy) + return ADDR_POLICY_REJECTED; + + len = smartlist_len(policy); for (i = 0; i < len; ++i) { addr_policy_t *tmpe = smartlist_get(policy, i); @@ -764,6 +767,9 @@ exit_policy_is_general_exit(smartlist_t *policy) static const int ports[] = { 80, 443, 6667 }; int n_allowed = 0; int i; + if (!policy) + return 0; + for (i = 0; i < 3; ++i) { SMARTLIST_FOREACH(policy, addr_policy_t *, p, { if (p->prt_min > ports[i] || p->prt_max < ports[i]) @@ -787,6 +793,8 @@ exit_policy_is_general_exit(smartlist_t *policy) int policy_is_reject_star(smartlist_t *policy) { + if (!policy) + return 1; SMARTLIST_FOREACH(policy, addr_policy_t *, p, { if (p->policy_type == ADDR_POLICY_ACCEPT) return 0; diff --git a/src/or/test.c b/src/or/test.c index b3e8f2cbab..814f8c4f71 100644 --- a/src/or/test.c +++ b/src/or/test.c @@ -2996,6 +2996,8 @@ test_policies(void) compare_addr_to_addr_policy(0, 2, policy)); test_assert(ADDR_POLICY_REJECTED == compare_addr_to_addr_policy(0xc0a80102, 2, policy)); + test_assert(ADDR_POLICY_REJECTED == + compare_addr_to_addr_policy(0x01020304u, 2, NULL)); policy2 = NULL; test_assert(0 == policies_parse_exit_policy(NULL, &policy2, 1, NULL)); @@ -3003,12 +3005,16 @@ test_policies(void) test_assert(!exit_policy_is_general_exit(policy)); test_assert(exit_policy_is_general_exit(policy2)); + test_assert(!exit_policy_is_general_exit(NULL)); test_assert(cmp_addr_policies(policy, policy2)); + test_assert(cmp_addr_policies(policy, NULL)); test_assert(!cmp_addr_policies(policy2, policy2)); + test_assert(!cmp_addr_policies(NULL, NULL)); test_assert(!policy_is_reject_star(policy2)); test_assert(policy_is_reject_star(policy)); + test_assert(policy_is_reject_star(NULL)); addr_policy_list_free(policy); addr_policy_list_free(policy2); |