summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--changes/bug56455
-rw-r--r--src/or/rendmid.c13
2 files changed, 11 insertions, 7 deletions
diff --git a/changes/bug5645 b/changes/bug5645
new file mode 100644
index 0000000000..0abd3b1a21
--- /dev/null
+++ b/changes/bug5645
@@ -0,0 +1,5 @@
+ o Code refactoring:
+ - Defensively refactor rend_mid_rendezvous() so that protocol
+ violations and length checks happen in the beginning. Fixes bug
+ 5645.
+
diff --git a/src/or/rendmid.c b/src/or/rendmid.c
index 2742c351b3..894bbb3c54 100644
--- a/src/or/rendmid.c
+++ b/src/or/rendmid.c
@@ -276,13 +276,6 @@ rend_mid_rendezvous(or_circuit_t *circ, const uint8_t *request,
or_circuit_t *rend_circ;
char hexid[9];
int reason = END_CIRC_REASON_INTERNAL;
- base16_encode(hexid,9,(char*)request,request_len<4?request_len:4);
-
- if (request_len>=4) {
- log_info(LD_REND,
- "Got request for rendezvous from circuit %d to cookie %s.",
- circ->p_circ_id, hexid);
- }
if (circ->_base.purpose != CIRCUIT_PURPOSE_OR || circ->_base.n_conn) {
log_info(LD_REND,
@@ -300,6 +293,12 @@ rend_mid_rendezvous(or_circuit_t *circ, const uint8_t *request,
goto err;
}
+ base16_encode(hexid, sizeof(hexid), (const char*)request, 4);
+
+ log_info(LD_REND,
+ "Got request for rendezvous from circuit %d to cookie %s.",
+ circ->p_circ_id, hexid);
+
rend_circ = circuit_get_rendezvous((char*)request);
if (!rend_circ) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,