make an assert tighter and replace another with an if.

svn:r18102

1 files changed, 8 insertions, 2 deletions

diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 9c591d4971..5454e33228 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -2137,6 +2137,7 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
   ap_conn->stream_id = get_unique_stream_id_by_circ(circ);
   if (ap_conn->stream_id==0) {
     connection_mark_unattached_ap(ap_conn, END_STREAM_REASON_INTERNAL);
+    /*XXXX022 _close_ the circuit because it's full?  That sounds dumb. */
     circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_RESOURCELIMIT);
     return -1;
   }
@@ -2144,7 +2145,6 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
   if (command == SOCKS_COMMAND_RESOLVE) {
     string_addr = ap_conn->socks_request->address;
     payload_len = (int)strlen(string_addr)+1;
-    tor_assert(payload_len <= RELAY_PAYLOAD_SIZE);
   } else {
     /* command == SOCKS_COMMAND_RESOLVE_PTR */
     const char *a = ap_conn->socks_request->address;
@@ -2171,7 +2171,13 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
 
     string_addr = inaddr_buf;
     payload_len = (int)strlen(inaddr_buf)+1;
-    tor_assert(payload_len <= RELAY_PAYLOAD_SIZE);
+    tor_assert(payload_len <= (int)sizeof(inaddr_buf));
+  }
+
+  if (payload_len > RELAY_PAYLOAD_SIZE) {
+    /* This should be impossible: we don't accept addresses this big. */
+    connection_mark_unattached_ap(ap_conn, END_STREAM_REASON_INTERNAL);
+    return -1;
   }
 
   log_debug(LD_APP,