diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | src/common/aes.c | 2 | ||||
| -rw-r--r-- | src/common/util.c | 4 | ||||
| -rw-r--r-- | src/or/config.c | 21 | ||||
| -rw-r--r-- | src/tools/tor-checkkey.c | 5 |
5 files changed, 21 insertions, 17 deletions
@@ -45,6 +45,9 @@ Changes in version 0.2.2.9-alpha - 2010-02-22 - Fix a spec conformance issue: the network-status-version token must be the first token in a v3 consensus or vote. Discovered by parakeep. Bugfix on 0.2.0.3-alpha. + - When freeing a cipher, zero it out completely. We only zeroed + the first ptrsize bytes. Bugfix on tor-0.0.2pre8. Discovered + and patched by ekir. Fixes bug 1254. o Code simplifications and refactoring: - Generate our manpage and HTML documentation using Asciidoc. This @@ -71,6 +74,9 @@ Changes in version 0.2.2.9-alpha - 2010-02-22 to the circuit build timeout. - Future-proof the controller protocol a bit by ignoring keyword arguments we do not recognize. + - Expand homedirs passed to tor-checkkey. This should silence a + coverity complaint about passing a user-supplied string into + open() without checking it. Changes in version 0.2.1.24 - 2010-02-21 diff --git a/src/common/aes.c b/src/common/aes.c index 451c31f02a..eb7f8fe3fc 100644 --- a/src/common/aes.c +++ b/src/common/aes.c @@ -268,7 +268,7 @@ aes_free_cipher(aes_cnt_cipher_t *cipher) #ifdef USE_OPENSSL_EVP EVP_CIPHER_CTX_cleanup(&cipher->key); #endif - memset(cipher, 0, sizeof(cipher)); + memset(cipher, 0, sizeof(aes_cnt_cipher_t)); tor_free(cipher); } diff --git a/src/common/util.c b/src/common/util.c index a15af7ed57..f7e5dd06c5 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -2312,6 +2312,9 @@ char * expand_filename(const char *filename) { tor_assert(filename); +#ifdef MS_WINDOWS + return tor_strdup(filename); +#else if (*filename == '~') { size_t len; char *home, *result; @@ -2361,6 +2364,7 @@ expand_filename(const char *filename) } else { return tor_strdup(filename); } +#endif } #define MAX_SCANF_WIDTH 9999 diff --git a/src/or/config.c b/src/or/config.c index b8813877fa..5ad1d3f446 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -3839,13 +3839,7 @@ find_torrc_filename(int argc, char **argv, log(LOG_WARN, LD_CONFIG, "Duplicate -f options on command line."); tor_free(fname); } -#ifdef MS_WINDOWS - /* XXX one day we might want to extend expand_filename to work - * under Windows as well. */ - fname = tor_strdup(argv[i+1]); -#else fname = expand_filename(argv[i+1]); -#endif *using_default_torrc = 0; ++i; } else if (!strcmp(argv[i],"--ignore-missing-torrc")) { @@ -4628,15 +4622,12 @@ write_configuration_file(const char *fname, or_options_t *options) int options_save_current(void) { - if (torrc_fname) { - /* This fails if we can't write to our configuration file. - * - * If we try falling back to datadirectory or something, we have a better - * chance of saving the configuration, but a better chance of doing - * something the user never expected. Let's just warn instead. */ - return write_configuration_file(torrc_fname, get_options()); - } - return write_configuration_file(get_default_conf_file(), get_options()); + /* This fails if we can't write to our configuration file. + * + * If we try falling back to datadirectory or something, we have a better + * chance of saving the configuration, but a better chance of doing + * something the user never expected. */ + return write_configuration_file(get_torrc_fname(), get_options()); } /** Mapping from a unit name to a multiplier for converting that unit into a diff --git a/src/tools/tor-checkkey.c b/src/tools/tor-checkkey.c index 739f7332df..e15cc46df9 100644 --- a/src/tools/tor-checkkey.c +++ b/src/tools/tor-checkkey.c @@ -19,6 +19,7 @@ int main(int c, char **v) RSA *rsa; int wantdigest=0; int fname_idx; + char *fname=NULL; init_logging(); if (c < 2) { @@ -46,7 +47,9 @@ int main(int c, char **v) fname_idx = 1; } - str = read_file_to_str(v[fname_idx], 0, NULL); + fname = expand_filename(v[fname_idx]); + str = read_file_to_str(fname, 0, NULL); + tor_free(fname); if (!str) { fprintf(stderr, "Couldn't read %s\n", v[fname_idx]); return 1; |