diff options
| author | teor <teor2345@gmail.com> | 2018-05-02 22:33:21 +1000 |
|---|---|---|
| committer | teor <teor2345@gmail.com> | 2018-05-02 22:36:23 +1000 |
| commit | d465bd27ed79b1924cf893d4e810786a491ee613 (patch) | |
| tree | b85afc445b40676622b0c6b97883451aca81d7e4 /src | |
| parent | 34e7dca9c9e902a58fe8942cef666f1d99d06030 (diff) | |
| download | tor-d465bd27ed79b1924cf893d4e810786a491ee613.tar.gz tor-d465bd27ed79b1924cf893d4e810786a491ee613.zip | |
Stop logging stack contents when reading a zero-length bandwidth file
When directory authorities read a zero-byte bandwidth file, they log
a warning with the contents of an uninitialised buffer. Log a warning
about the empty file instead.
Fixes bug 26007; bugfix on 0.2.2.1-alpha.
Diffstat (limited to 'src')
| -rw-r--r-- | src/or/dirserv.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 41c6bf3dc8..94290d5dd8 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2750,14 +2750,23 @@ dirserv_read_measured_bandwidths(const char *from_file, time_t file_time, now; int ok; + /* Initialise line, so that we can't possibly run off the end. */ + memset(line, 0, sizeof(line)); + if (fp == NULL) { log_warn(LD_CONFIG, "Can't open bandwidth file at configured location: %s", from_file); return -1; } - if (!fgets(line, sizeof(line), fp) - || !strlen(line) || line[strlen(line)-1] != '\n') { + /* If fgets fails, line is either unmodified, or indeterminate. */ + if (!fgets(line, sizeof(line), fp)) { + log_warn(LD_DIRSERV, "Empty bandwidth file"); + fclose(fp); + return -1; + } + + if (!strlen(line) || line[strlen(line)-1] != '\n') { log_warn(LD_DIRSERV, "Long or truncated time in bandwidth file: %s", escaped(line)); fclose(fp); |