diff options
| author | Nick Mathewson <nickm@torproject.org> | 2011-05-10 16:58:38 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2011-05-11 16:12:51 -0400 |
| commit | 59f9097d5c3dc010847c359888d31757d1c97904 (patch) | |
| tree | baed5184d13d62645e00d1ed815ffc0861b2ff87 /src/or/networkstatus.c | |
| parent | db7b2a33eef9c8d432442b072f9c8868a068bb91 (diff) | |
| download | tor-59f9097d5c3dc010847c359888d31757d1c97904.tar.gz tor-59f9097d5c3dc010847c359888d31757d1c97904.zip | |
Hand-conversion and audit phase of memcmp transition
Here I looked at the results of the automated conversion and cleaned
them up as follows:
If there was a tor_memcmp or tor_memeq that was in fact "safe"[*] I
changed it to a fast_memcmp or fast_memeq.
Otherwise if there was a tor_memcmp that could turn into a
tor_memneq or tor_memeq, I converted it.
This wants close attention.
[*] I'm erring on the side of caution here, and leaving some things
as tor_memcmp that could in my opinion use the data-dependent
fast_memcmp variant.
Diffstat (limited to 'src/or/networkstatus.c')
| -rw-r--r-- | src/or/networkstatus.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index e91ff93448..dcd8159aff 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -336,7 +336,7 @@ networkstatus_get_voter_by_id(networkstatus_t *vote, if (!vote || !vote->voters) return NULL; SMARTLIST_FOREACH(vote->voters, networkstatus_voter_info_t *, voter, - if (tor_memeq(voter->identity_digest, identity, DIGEST_LEN)) + if (fast_memeq(voter->identity_digest, identity, DIGEST_LEN)) return voter); return NULL; } @@ -356,7 +356,7 @@ networkstatus_check_voter_signature(networkstatus_t *consensus, size_t signed_digest_len; if (crypto_pk_get_digest(cert->signing_key, d)<0) return -1; - if (tor_memcmp(voter->signing_key_digest, d, DIGEST_LEN)) + if (tor_memneq(voter->signing_key_digest, d, DIGEST_LEN)) return -1; signed_digest_len = crypto_pk_keysize(cert->signing_key); signed_digest = tor_malloc(signed_digest_len); @@ -365,7 +365,7 @@ networkstatus_check_voter_signature(networkstatus_t *consensus, signed_digest_len, voter->signature, voter->signature_len) != DIGEST_LEN || - tor_memcmp(signed_digest, consensus->networkstatus_digest, DIGEST_LEN)) { + tor_memneq(signed_digest, consensus->networkstatus_digest, DIGEST_LEN)) { log_warn(LD_DIR, "Got a bad signature on a networkstatus vote"); voter->bad_signature = 1; } else { @@ -1296,7 +1296,7 @@ routerstatus_has_changed(const routerstatus_t *a, const routerstatus_t *b) tor_assert(tor_memeq(a->identity_digest, b->identity_digest, DIGEST_LEN)); return strcmp(a->nickname, b->nickname) || - tor_memcmp(a->descriptor_digest, b->descriptor_digest, DIGEST_LEN) || + fast_memneq(a->descriptor_digest, b->descriptor_digest, DIGEST_LEN) || a->addr != b->addr || a->or_port != b->or_port || a->dir_port != b->dir_port || |