diff options
author | Roger Dingledine <arma@torproject.org> | 2011-07-06 00:13:47 -0400 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2011-07-06 00:13:47 -0400 |
commit | 01fdd676ea8f8ec494776163f07a5d28f48375b1 (patch) | |
tree | baf0225f0178ca88b5019cc1130de72c5b477a01 | |
parent | f0ba3c1f26c7e4d97273e941dc57f3c85d3f46f3 (diff) | |
parent | 335ff915c7a509eb1b76e67f88c7b65d20032035 (diff) | |
download | tor-01fdd676ea8f8ec494776163f07a5d28f48375b1.tar.gz tor-01fdd676ea8f8ec494776163f07a5d28f48375b1.zip |
Merge branch 'maint-0.2.2' into release-0.2.2
-rw-r--r-- | changes/bug3465-022 | 6 | ||||
-rw-r--r-- | changes/cid_428 | 5 | ||||
-rw-r--r-- | changes/cid_450 | 5 | ||||
-rw-r--r-- | changes/memleak_rendcache | 4 | ||||
-rw-r--r-- | doc/HACKING | 22 | ||||
-rw-r--r-- | src/common/compat.c | 18 | ||||
-rw-r--r-- | src/common/container.c | 5 | ||||
-rw-r--r-- | src/or/circuitbuild.c | 10 | ||||
-rw-r--r-- | src/or/circuitlist.c | 2 | ||||
-rw-r--r-- | src/or/connection.c | 14 | ||||
-rw-r--r-- | src/or/control.c | 3 | ||||
-rw-r--r-- | src/or/dirserv.c | 2 | ||||
-rw-r--r-- | src/or/or.h | 6 | ||||
-rw-r--r-- | src/or/rendcommon.c | 1 | ||||
-rw-r--r-- | src/test/Makefile.am | 2 | ||||
-rw-r--r-- | src/test/tinytest_demo.c | 2 |
16 files changed, 76 insertions, 31 deletions
diff --git a/changes/bug3465-022 b/changes/bug3465-022 new file mode 100644 index 0000000000..2d226162aa --- /dev/null +++ b/changes/bug3465-022 @@ -0,0 +1,6 @@ + o Minor bugfixes: + + - Add BUILDTIMEOUT_SET to the list returned by the 'GETINFO + events/names' control-port command. Bugfix on 0.2.2.9-alpha; + fixes part of bug 3465. + diff --git a/changes/cid_428 b/changes/cid_428 new file mode 100644 index 0000000000..cb0fc8c2b2 --- /dev/null +++ b/changes/cid_428 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Always NUL-terminate the sun_path field of a sockaddr_un before + passing it to the kernel. (Not a security issue: kernels are + smart enough to reject bad sockaddr_uns.) Found by Coverity; CID + # 428. Bugfix on Tor 0.2.0.3-alpha. diff --git a/changes/cid_450 b/changes/cid_450 new file mode 100644 index 0000000000..2045fca239 --- /dev/null +++ b/changes/cid_450 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Don't stack-allocate the list of supplementary GIDs when we're + about to log them. Stack-allocating NGROUPS_MAX gid_t elements + could take up to 256K, which is way too much stack. Found by + Coverity; CID #450. Bugfix on 0.2.1.7-alpha. diff --git a/changes/memleak_rendcache b/changes/memleak_rendcache new file mode 100644 index 0000000000..93b1f6141b --- /dev/null +++ b/changes/memleak_rendcache @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Fix a memory leak when receiving a descriptor for a hidden + service we didn't ask for. Found by Coverity; CID#30. Bugfix on + 0.2.2.26-beta. diff --git a/doc/HACKING b/doc/HACKING index 7ff9c5f3c2..feeb05d028 100644 --- a/doc/HACKING +++ b/doc/HACKING @@ -456,7 +456,6 @@ interesting and understandable. 2.7) Run it through fmt to make it pretty. - 3) Compose a short release blurb to highlight the user-facing changes. Insert said release blurb into the ChangeLog stanza. If it's a stable release, add it to the ReleaseNotes file too. If we're adding @@ -472,15 +471,19 @@ or somebody to try building it on Windows. 6) Get at least two of weasel/arma/karsten to put the new version number in their approved versions list. -7) Sign and push the tarball to the website in the dist/ directory. Sign -and push the git tag. - (That's either "git tag -u <keyid> tor-0.2.x.y-status", then - "git push origin tag tor-0.2.x.y-status". To sign the - tarball, "gpg -ba <the_tarball>". Put the files in - /srv/www-master.torproject.org/htdocs/dist/ on vescum.) +7) Sign the tarball, then sign and push the git tag: + gpg -ba <the_tarball> + git tag -u <keyid> tor-0.2.x.y-status + git push origin tag tor-0.2.x.y-status + +8) scp the tarball and its sig to the website in the dist/ directory +(i.e. /srv/www-master.torproject.org/htdocs/dist/ on vescum). Edit +include/versions.wmi to note the new version. From your website checkout, +run ./publish to build and publish the website. -8) Edit include/versions.wmi to note the new version. From your website -checkout, run ./publish to build and publish the website. +Try not to delay too much between scp'ing the tarball and running +./publish -- the website has multiple A records and your scp only sent +it to one of them. 9) Email Erinn and weasel (cc'ing tor-assistants) that a new tarball is up. This step should probably change to mailing more packagers. @@ -498,3 +501,4 @@ changelog to tor-talk or tor-announce. (We might be moving to faster announcements, but don't announce until the website is at least updated.) + diff --git a/src/common/compat.c b/src/common/compat.c index 9377959eb4..80b4907b81 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -415,7 +415,7 @@ tor_vasprintf(char **strp, const char *fmt, va_list args) * * This function is <em>not</em> timing-safe. * - * Requires that nlen be greater than zero. + * Requires that <b>nlen</b> be greater than zero. */ const void * tor_memmem(const void *_haystack, size_t hlen, @@ -1225,7 +1225,8 @@ log_credential_status(void) /* Read, effective and saved GIDs */ gid_t rgid, egid, sgid; /* Supplementary groups */ - gid_t sup_gids[NGROUPS_MAX + 1]; + gid_t *sup_gids = NULL; + int sup_gids_size; /* Number of supplementary groups */ int ngids; @@ -1271,9 +1272,19 @@ log_credential_status(void) #endif /* log supplementary groups */ - if ((ngids = getgroups(NGROUPS_MAX + 1, sup_gids)) < 0) { + sup_gids_size = 64; + sup_gids = tor_malloc(sizeof(gid_t) * 64); + while ((ngids = getgroups(sup_gids_size, sup_gids)) < 0 && + errno == EINVAL && + sup_gids_size < NGROUPS_MAX) { + sup_gids_size *= 2; + sup_gids = tor_realloc(sup_gids, sizeof(gid_t) * sup_gids_size); + } + + if (ngids < 0) { log_warn(LD_GENERAL, "Error getting supplementary GIDs: %s", strerror(errno)); + tor_free(sup_gids); return -1; } else { int i, retval = 0; @@ -1303,6 +1314,7 @@ log_credential_status(void) tor_free(cp); }); smartlist_free(elts); + tor_free(sup_gids); return retval; } diff --git a/src/common/container.c b/src/common/container.c index da44b7fe68..1515c387ad 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -338,7 +338,8 @@ smartlist_insert(smartlist_t *sl, int idx, void *val) /** * Split a string <b>str</b> along all occurrences of <b>sep</b>, - * adding the split strings, in order, to <b>sl</b>. + * appending the (newly allocated) split strings, in order, to + * <b>sl</b>. Return the number of strings added to <b>sl</b>. * * If <b>flags</b>&SPLIT_SKIP_SPACE is true, remove initial and * trailing space from each entry. @@ -347,7 +348,7 @@ smartlist_insert(smartlist_t *sl, int idx, void *val) * If <b>flags</b>&SPLIT_STRIP_SPACE is true, strip spaces from each * split string. * - * If max>0, divide the string into no more than <b>max</b> pieces. If + * If <b>max</b>\>0, divide the string into no more than <b>max</b> pieces. If * <b>sep</b> is NULL, split on any sequence of horizontal space. */ int diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 6d7e71194e..1140f3314e 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -1501,7 +1501,7 @@ get_unique_circ_id_by_conn(or_connection_t *conn) } /** If <b>verbose</b> is false, allocate and return a comma-separated list of - * the currently built elements of circuit_t. If <b>verbose</b> is true, also + * the currently built elements of <b>circ</b>. If <b>verbose</b> is true, also * list information about link status in a more verbose format using spaces. * If <b>verbose_names</b> is false, give nicknames for Named routers and hex * digests for others; if <b>verbose_names</b> is true, use $DIGEST=Name style @@ -1590,7 +1590,7 @@ circuit_list_path_impl(origin_circuit_t *circ, int verbose, int verbose_names) } /** If <b>verbose</b> is false, allocate and return a comma-separated - * list of the currently built elements of circuit_t. If + * list of the currently built elements of <b>circ</b>. If * <b>verbose</b> is true, also list information about link status in * a more verbose format using spaces. */ @@ -1601,7 +1601,7 @@ circuit_list_path(origin_circuit_t *circ, int verbose) } /** Allocate and return a comma-separated list of the currently built elements - * of circuit_t, giving each as a verbose nickname. + * of <b>circ</b>, giving each as a verbose nickname. */ char * circuit_list_path_for_controller(origin_circuit_t *circ) @@ -1610,7 +1610,7 @@ circuit_list_path_for_controller(origin_circuit_t *circ) } /** Log, at severity <b>severity</b>, the nicknames of each router in - * circ's cpath. Also log the length of the cpath, and the intended + * <b>circ</b>'s cpath. Also log the length of the cpath, and the intended * exit point. */ void @@ -1622,7 +1622,7 @@ circuit_log_path(int severity, unsigned int domain, origin_circuit_t *circ) } /** Tell the rep(utation)hist(ory) module about the status of the links - * in circ. Hops that have become OPEN are marked as successfully + * in <b>circ</b>. Hops that have become OPEN are marked as successfully * extended; the _first_ hop that isn't open (if any) is marked as * unable to extend. */ diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 8534c38075..e9cc9eb1f4 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -866,7 +866,7 @@ circuit_unlink_all_from_or_conn(or_connection_t *conn, int reason) } /** Return a circ such that: - * - circ-\>rend_data-\>query is equal to <b>rend_query</b>, and + * - circ-\>rend_data-\>onion_address is equal to <b>rend_query</b>, and * - circ-\>purpose is equal to <b>purpose</b>. * * Return NULL if no such circuit exists. diff --git a/src/or/connection.c b/src/or/connection.c index a9e3a74ed6..c791309d68 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -811,7 +811,13 @@ create_unix_sockaddr(const char *listenaddress, char **readable_address, sockaddr = tor_malloc_zero(sizeof(struct sockaddr_un)); sockaddr->sun_family = AF_UNIX; - strncpy(sockaddr->sun_path, listenaddress, sizeof(sockaddr->sun_path)); + if (strlcpy(sockaddr->sun_path, listenaddress, sizeof(sockaddr->sun_path)) + >= sizeof(sockaddr->sun_path)) { + log_warn(LD_CONFIG, "Unix socket path '%s' is too long to fit.", + escaped(listenaddress)); + tor_free(sockaddr); + return NULL; + } if (readable_address) *readable_address = tor_strdup(listenaddress); @@ -2751,15 +2757,15 @@ connection_outbuf_too_full(connection_t *conn) return (conn->outbuf_flushlen > 10*CELL_PAYLOAD_SIZE); } -/** Try to flush more bytes onto conn-\>s. +/** Try to flush more bytes onto <b>conn</b>-\>s. * * This function gets called either from conn_write() in main.c * when poll() has declared that conn wants to write, or below * from connection_write_to_buf() when an entire TLS record is ready. * - * Update conn-\>timestamp_lastwritten to now, and call flush_buf + * Update <b>conn</b>-\>timestamp_lastwritten to now, and call flush_buf * or flush_buf_tls appropriately. If it succeeds and there are no more - * more bytes on conn->outbuf, then call connection_finished_flushing + * more bytes on <b>conn</b>-\>outbuf, then call connection_finished_flushing * on it too. * * If <b>force</b>, then write as many bytes as possible, ignoring bandwidth diff --git a/src/or/control.c b/src/or/control.c index 82017bd1d4..da0a95da15 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -1380,7 +1380,8 @@ getinfo_helper_misc(control_connection_t *conn, const char *question, *answer = tor_strdup("CIRC STREAM ORCONN BW DEBUG INFO NOTICE WARN ERR " "NEWDESC ADDRMAP AUTHDIR_NEWDESCS DESCCHANGED " "NS STATUS_GENERAL STATUS_CLIENT STATUS_SERVER " - "GUARD STREAM_BW CLIENTS_SEEN NEWCONSENSUS"); + "GUARD STREAM_BW CLIENTS_SEEN NEWCONSENSUS " + "BUILDTIMEOUT_SET"); } else if (!strcmp(question, "features/names")) { *answer = tor_strdup("VERBOSE_NAMES EXTENDED_EVENTS"); } else if (!strcmp(question, "address")) { diff --git a/src/or/dirserv.c b/src/or/dirserv.c index d114d8654e..7df9a2fcaa 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2415,7 +2415,7 @@ measured_bw_line_parse(measured_bw_line_t *out, const char *orig_line) tor_free(line); return -1; } - strncpy(out->node_hex, cp, sizeof(out->node_hex)); + strlcpy(out->node_hex, cp, sizeof(out->node_hex)); got_node_id=1; } } while ((cp = tor_strtok_r(NULL, " \t", &strtok_state))); diff --git a/src/or/or.h b/src/or/or.h index 97fecd1500..1909887bbd 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2318,14 +2318,14 @@ typedef struct or_circuit_t { cell_ewma_t p_cell_ewma; } or_circuit_t; -/** Convert a circuit subtype to a circuit_t.*/ +/** Convert a circuit subtype to a circuit_t. */ #define TO_CIRCUIT(x) (&((x)->_base)) -/** Convert a circuit_t* to a pointer to the enclosing or_circuit_t. Asserts +/** Convert a circuit_t* to a pointer to the enclosing or_circuit_t. Assert * if the cast is impossible. */ static or_circuit_t *TO_OR_CIRCUIT(circuit_t *); /** Convert a circuit_t* to a pointer to the enclosing origin_circuit_t. - * Asserts if the cast is impossible. */ + * Assert if the cast is impossible. */ static origin_circuit_t *TO_ORIGIN_CIRCUIT(circuit_t *); static INLINE or_circuit_t *TO_OR_CIRCUIT(circuit_t *x) diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index 3b18bf6078..c5bf88163d 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -1041,6 +1041,7 @@ rend_cache_store(const char *desc, size_t desc_len, int published, log_warn(LD_REND, "Received service descriptor for service ID %s; " "expected descriptor for service ID %s.", query, safe_str(service_id)); + rend_service_descriptor_free(parsed); return -2; } now = time(NULL); diff --git a/src/test/Makefile.am b/src/test/Makefile.am index 546fa2f4b7..904719d94b 100644 --- a/src/test/Makefile.am +++ b/src/test/Makefile.am @@ -8,7 +8,7 @@ AM_CPPFLAGS = -DSHARE_DATADIR="\"$(datadir)\"" \ -I"$(top_srcdir)/src/or" # -L flags need to go in LDFLAGS. -l flags need to go in LDADD. -# This seems to matter nowhere but on windows, but I assure you that it +# This seems to matter nowhere but on Windows, but I assure you that it # matters a lot there, and is quite hard to debug if you forget to do it. test_SOURCES = \ diff --git a/src/test/tinytest_demo.c b/src/test/tinytest_demo.c index bd33cc37fa..4d2f588435 100644 --- a/src/test/tinytest_demo.c +++ b/src/test/tinytest_demo.c @@ -39,7 +39,7 @@ /* ============================================================ */ /* First, let's see if strcmp is working. (All your test cases should be - * functions declared to take a single void * as) an argument. */ + * functions declared to take a single void * as an argument.) */ void test_strcmp(void *data) { |