aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2008-02-18 18:14:34 +0000
committerNick Mathewson <nickm@torproject.org>2008-02-18 18:14:34 +0000
commit08f7842384b4aa19889f72f8d8cd7f1dc2bba470 (patch)
treeaf89665ba5c80b49102c0ecbd59a736b83668b3c /src
parent5d069a543b465a4646455d9cc251de936fde5c18 (diff)
downloadtor-08f7842384b4aa19889f72f8d8cd7f1dc2bba470.tar.gz
tor-08f7842384b4aa19889f72f8d8cd7f1dc2bba470.zip
r18139@catbus: nickm | 2008-02-18 13:14:05 -0500
Clarify logic in trusted_dirs_load_certs_from_string(); avoid a maybe-impossible maybe-not double-free spotted by lodger. svn:r13558
Diffstat (limited to 'src')
-rw-r--r--src/or/routerlist.c47
1 files changed, 27 insertions, 20 deletions
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 06d9775c1a..2418c7ee8e 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -132,6 +132,23 @@ trusted_dirs_reload_certs(void)
return r;
}
+/** Helper: return true iff we already have loaded the exact cert
+ * <b>cert</b>. */
+static INLINE int
+already_have_cert(authority_cert_t *cert)
+{
+ cert_list_t *cl = get_cert_list(cert->cache_info.identity_digest);
+
+ SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
+ {
+ if (!memcmp(c->cache_info.signed_descriptor_digest,
+ cert->cache_info.signed_descriptor_digest,
+ DIGEST_LEN))
+ return 1;
+ });
+ return 0;
+}
+
/** Load a bunch of new key certificates from the string <b>contents</b>. If
* <b>from_store</b> is true, the certificates are from the cache, and we
* don't need to flush them to disk. If <b>from_store</b> is false, we need
@@ -141,12 +158,11 @@ int
trusted_dirs_load_certs_from_string(const char *contents, int from_store)
{
trusted_dir_server_t *ds;
- cert_list_t *cl;
const char *s, *eos;
for (s = contents; *s; s = eos) {
authority_cert_t *cert = authority_cert_parse_from_string(s, &eos);
- int found = 0;
+ cert_list_t *cl;
if (!cert)
break;
ds = trusteddirserver_get_by_v3_auth_digest(
@@ -154,25 +170,15 @@ trusted_dirs_load_certs_from_string(const char *contents, int from_store)
log_debug(LD_DIR, "Parsed certificate for %s",
ds ? ds->nickname : "unknown authority");
- cl = get_cert_list(cert->cache_info.identity_digest);
-
- SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
- {
- if (!memcmp(c->cache_info.signed_descriptor_digest,
- cert->cache_info.signed_descriptor_digest,
- DIGEST_LEN)) {
- /* we already have this one. continue. */
- log_info(LD_DIR, "Skipping %s certificate for %s that we "
- "already have.",
- from_store ? "cached" : "downloaded",
- ds ? ds->nickname : "??");
- authority_cert_free(cert);
- found = 1;
- }
- });
-
- if (found)
+ if (already_have_cert(cert)) {
+ /* we already have this one. continue. */
+ log_info(LD_DIR, "Skipping %s certificate for %s that we "
+ "already have.",
+ from_store ? "cached" : "downloaded",
+ ds ? ds->nickname : "??");
+ authority_cert_free(cert);
continue;
+ }
if (ds) {
log_info(LD_DIR, "Adding %s certificate for directory authority %s with "
@@ -185,6 +191,7 @@ trusted_dirs_load_certs_from_string(const char *contents, int from_store)
hex_str(cert->signing_key_digest,DIGEST_LEN));
}
+ cl = get_cert_list(cert->cache_info.identity_digest);
smartlist_add(cl->certs, cert);
if (ds && cert->cache_info.published_on > ds->addr_current_at) {
/* Check to see whether we should update our view of the authority's