diff options
Diffstat (limited to 'src/common')
| -rw-r--r-- | src/common/buffers.c | 2 | ||||
| -rw-r--r-- | src/common/compat.c | 25 | ||||
| -rw-r--r-- | src/common/timers.c | 2 | ||||
| -rw-r--r-- | src/common/util.c | 27 |
4 files changed, 29 insertions, 27 deletions
diff --git a/src/common/buffers.c b/src/common/buffers.c index d8f33aeed6..55a30092ee 100644 --- a/src/common/buffers.c +++ b/src/common/buffers.c @@ -907,6 +907,8 @@ buf_peek_startswith(const buf_t *buf, const char *cmd) { char tmp[PEEK_BUF_STARTSWITH_MAX]; size_t clen = strlen(cmd); + if (clen == 0) + return 1; if (BUG(clen > sizeof(tmp))) return 0; if (buf->datalen < clen) diff --git a/src/common/compat.c b/src/common/compat.c index d377c922c8..ab1fbc64fe 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -2236,34 +2236,32 @@ switch_id(const char *user, const unsigned flags) int tor_disable_debugger_attach(void) { - int r, attempted; - r = -1; - attempted = 0; + int r = -1; log_debug(LD_CONFIG, "Attemping to disable debugger attachment to Tor for " "unprivileged users."); #if defined(__linux__) && defined(HAVE_SYS_PRCTL_H) \ && defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) - attempted = 1; +#define TRIED_TO_DISABLE r = prctl(PR_SET_DUMPABLE, 0); -#endif -#if defined(__APPLE__) && defined(PT_DENY_ATTACH) - if (r < 0) { - attempted = 1; - r = ptrace(PT_DENY_ATTACH, 0, 0, 0); - } -#endif /* defined(__APPLE__) && defined(PT_DENY_ATTACH) */ +#elif defined(__APPLE__) && defined(PT_DENY_ATTACH) +#define TRIED_TO_ATTACH + r = ptrace(PT_DENY_ATTACH, 0, 0, 0); +#endif /* defined(__linux__) && defined(HAVE_SYS_PRCTL_H) ... || ... */ // XXX: TODO - Mac OS X has dtrace and this may be disabled. // XXX: TODO - Windows probably has something similar - if (r == 0 && attempted) { +#ifdef TRIED_TO_DISABLE + if (r == 0) { log_debug(LD_CONFIG,"Debugger attachment disabled for " "unprivileged users."); return 1; - } else if (attempted) { + } else { log_warn(LD_CONFIG, "Unable to disable debugger attaching: %s", strerror(errno)); } +#endif /* defined(TRIED_TO_DISABLE) */ +#undef TRIED_TO_DISABLE return r; } @@ -2582,6 +2580,7 @@ tor_inet_pton(int af, const char *src, void *dst) int gapPos = -1, i, setWords=0; const char *dot = strchr(src, '.'); const char *eow; /* end of words. */ + memset(words, 0xf8, sizeof(words)); if (dot == src) return 0; else if (!dot) diff --git a/src/common/timers.c b/src/common/timers.c index a590611be6..c8e09414f4 100644 --- a/src/common/timers.c +++ b/src/common/timers.c @@ -191,7 +191,7 @@ timers_initialize(void) if (BUG(global_timeouts)) return; // LCOV_EXCL_LINE - timeout_error_t err; + timeout_error_t err = 0; global_timeouts = timeouts_open(0, &err); if (!global_timeouts) { // LCOV_EXCL_START -- this can only fail on malloc failure. diff --git a/src/common/util.c b/src/common/util.c index b262691d72..bcb1449a18 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -445,7 +445,7 @@ tor_log2(uint64_t u64) r += 2; } if (u64 >= (U64_LITERAL(1)<<1)) { - u64 >>= 1; + // u64 >>= 1; // not using this any more. r += 1; } return r; @@ -3616,7 +3616,7 @@ start_daemon(void) } else { /* Child */ close(daemon_filedes[0]); /* we only write */ - pid = setsid(); /* Detach from controlling terminal */ + (void) setsid(); /* Detach from controlling terminal */ /* * Fork one more time, so the parent (the session group leader) can exit. * This means that we, as a non-session group leader, can never regain a @@ -4314,7 +4314,6 @@ tor_spawn_background(const char *const filename, const char **argv, int stderr_pipe[2]; int stdin_pipe[2]; int fd, retval; - ssize_t nbytes; process_handle_t *process_handle; int status; @@ -4335,7 +4334,7 @@ tor_spawn_background(const char *const filename, const char **argv, and we are not allowed to use unsafe functions between fork and exec */ error_message_length = strlen(error_message); - child_state = CHILD_STATE_PIPE; + // child_state = CHILD_STATE_PIPE; /* Set up pipe for redirecting stdout, stderr, and stdin of child */ retval = pipe(stdout_pipe); @@ -4372,7 +4371,7 @@ tor_spawn_background(const char *const filename, const char **argv, return status; } - child_state = CHILD_STATE_MAXFD; + // child_state = CHILD_STATE_MAXFD; #ifdef _SC_OPEN_MAX if (-1 == max_fd) { @@ -4387,7 +4386,7 @@ tor_spawn_background(const char *const filename, const char **argv, max_fd = DEFAULT_MAX_FD; #endif /* defined(_SC_OPEN_MAX) */ - child_state = CHILD_STATE_FORK; + // child_state = CHILD_STATE_FORK; pid = fork(); if (0 == pid) { @@ -4423,7 +4422,7 @@ tor_spawn_background(const char *const filename, const char **argv, if (-1 == retval) goto error; - child_state = CHILD_STATE_CLOSEFD; + // child_state = CHILD_STATE_CLOSEFD; close(stderr_pipe[0]); close(stderr_pipe[1]); @@ -4439,7 +4438,7 @@ tor_spawn_background(const char *const filename, const char **argv, close(fd); } - child_state = CHILD_STATE_EXEC; + // child_state = CHILD_STATE_EXEC; /* Call the requested program. We need the cast because execvp doesn't define argv as const, even though it @@ -4458,7 +4457,8 @@ tor_spawn_background(const char *const filename, const char **argv, error: { /* XXX: are we leaking fds from the pipe? */ - int n; + int n, err=0; + ssize_t nbytes; n = format_helper_exit_status(child_state, errno, hex_errno); @@ -4467,13 +4467,14 @@ tor_spawn_background(const char *const filename, const char **argv, value, but there is nothing we can do if it fails */ /* TODO: Don't use STDOUT, use a pipe set up just for this purpose */ nbytes = write(STDOUT_FILENO, error_message, error_message_length); + err = (nbytes < 0); nbytes = write(STDOUT_FILENO, hex_errno, n); + err += (nbytes < 0); } - } - (void) nbytes; + _exit(err?254:255); + } - _exit(255); /* Never reached, but avoids compiler warning */ return status; // LCOV_EXCL_LINE } @@ -4540,7 +4541,7 @@ tor_spawn_background(const char *const filename, const char **argv, } *process_handle_out = process_handle; - return process_handle->status; + return status; #endif /* defined(_WIN32) */ } |