diff options
| author | George Kadianakis <desnacked@riseup.net> | 2019-07-04 17:14:06 +0300 |
|---|---|---|
| committer | George Kadianakis <desnacked@riseup.net> | 2019-07-04 17:14:06 +0300 |
| commit | 5303dbe6249ed4b1e268f7a5c41ed6a638c4d0e3 (patch) | |
| tree | 5782c245fdd976985c27682dfe5e5270f798e65c | |
| parent | 85473f9aaf0f54e44aae413d838821956371901a (diff) | |
| parent | 0fa3dc3228a32fd21ff71e24e3c2e456e342e3b8 (diff) | |
| download | tor-5303dbe6249ed4b1e268f7a5c41ed6a638c4d0e3.tar.gz tor-5303dbe6249ed4b1e268f7a5c41ed6a638c4d0e3.zip | |
Merge branch 'tor-github/pr/1152'
| -rw-r--r-- | changes/ticket31026 | 5 | ||||
| -rw-r--r-- | scripts/maint/practracker/exceptions.txt | 4 | ||||
| -rw-r--r-- | src/core/or/connection_edge.c | 1 |
3 files changed, 8 insertions, 2 deletions
diff --git a/changes/ticket31026 b/changes/ticket31026 new file mode 100644 index 0000000000..6f6abcffba --- /dev/null +++ b/changes/ticket31026 @@ -0,0 +1,5 @@ + o Minor bugfixes (coverity compliance): + - Add an assertion when parsing a BEGIN cell so that coverity can be sure + that we are not about to dereference a NULL address. + Fixes bug 31026; bugfix on 0.2.4.7-alpha. This is CID + 1447296. diff --git a/scripts/maint/practracker/exceptions.txt b/scripts/maint/practracker/exceptions.txt index dd2301351f..f28392537b 100644 --- a/scripts/maint/practracker/exceptions.txt +++ b/scripts/maint/practracker/exceptions.txt @@ -101,7 +101,7 @@ problem function-size /src/core/or/circuituse.c:circuit_get_open_circ_or_launch( problem function-size /src/core/or/circuituse.c:connection_ap_handshake_attach_circuit() 244 problem function-size /src/core/or/command.c:command_process_create_cell() 156 problem function-size /src/core/or/command.c:command_process_relay_cell() 132 -problem file-size /src/core/or/connection_edge.c 4595 +problem file-size /src/core/or/connection_edge.c 4596 problem include-count /src/core/or/connection_edge.c 65 problem function-size /src/core/or/connection_edge.c:connection_ap_expire_beginning() 117 problem function-size /src/core/or/connection_edge.c:connection_ap_handshake_rewrite() 192 @@ -109,7 +109,7 @@ problem function-size /src/core/or/connection_edge.c:connection_ap_handle_onion( problem function-size /src/core/or/connection_edge.c:connection_ap_handshake_rewrite_and_attach() 423 problem function-size /src/core/or/connection_edge.c:connection_ap_handshake_send_begin() 111 problem function-size /src/core/or/connection_edge.c:connection_ap_handshake_socks_resolved() 106 -problem function-size /src/core/or/connection_edge.c:connection_exit_begin_conn() 184 +problem function-size /src/core/or/connection_edge.c:connection_exit_begin_conn() 185 problem function-size /src/core/or/connection_edge.c:connection_exit_connect() 102 problem file-size /src/core/or/connection_or.c 3124 problem include-count /src/core/or/connection_or.c 51 diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c index c08d2a9ff5..091d9c9b09 100644 --- a/src/core/or/connection_edge.c +++ b/src/core/or/connection_edge.c @@ -3833,6 +3833,7 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ) if (! bcell.is_begindir) { /* Steal reference */ + tor_assert(bcell.address); address = bcell.address; port = bcell.port; |