Diffstat (limited to 'src/core/or/conflux_pool.c')
-rw-r--r--src/core/or/conflux_pool.c25
1 files changed, 21 insertions, 4 deletions
diff --git a/src/core/or/conflux_pool.c b/src/core/or/conflux_pool.c
index 3a8f6ec8e3..74781b307a 100644
--- a/src/core/or/conflux_pool.c
+++ b/src/core/or/conflux_pool.c
@@ -187,6 +187,8 @@ conflux_free_(conflux_t *cfx)
if (!cfx) {
return;
}
+ tor_assert(cfx->legs);
+ tor_assert(cfx->ooo_q);
SMARTLIST_FOREACH_BEGIN(cfx->legs, conflux_leg_t *, leg) {
SMARTLIST_DEL_CURRENT(cfx->legs, leg);
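Review bot: The new `tor_assert(cfx->legs)` and `tor_assert(cfx->ooo_q)` in conflux_free_ encode an invariant that is not stated anywhere in the hunk, and the same is true of the asserts added to unlinked_free and linked_circuit_free. Because tor_assert aborts the whole process, a reader needs to know that these fields are expected to be non-NULL for the object's entire lifetime, not only once a set is linked. I would add a one-line comment above them, e.g. `/* legs and ooo_q are allocated with the set and must never be NULL here. */`, assuming that is the intended invariant. conflux_free_ continues outside the hunk.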
@@ -260,6 +262,8 @@ unlinked_free(unlinked_circuits_t *unlinked)
if (!unlinked) {
return;
}
+ tor_assert(unlinked->legs);
+
/* This cfx is pointing to a linked set. */
if (!unlinked->is_for_linked_set) {
conflux_free(unlinked->cfx);
@@ -493,10 +497,6 @@ cfx_add_leg(conflux_t *cfx, leg_t *leg)
/* Big trouble if we add a leg to the wrong set. */
tor_assert(tor_memeq(cfx->nonce, leg->link->nonce, sizeof(cfx->nonce)));
- if (BUG(CONFLUX_NUM_LEGS(cfx) > CONFLUX_MAX_CIRCS)) {
- return;
- }
-
conflux_leg_t *cleg = tor_malloc_zero(sizeof(*cleg));
cleg->circ = leg->circ;
// TODO-329-ARTI: Blindly copying the values from the cell. Is this correct?
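Review bot: With the `CONFLUX_NUM_LEGS(cfx) > CONFLUX_MAX_CIRCS` guard gone, cfx_add_leg no longer bounds the leg list itself and relies on its callers having checked the limit, but nothing at this site says so. This commit adds the limit check to try_finalize_set; whether every other path into cfx_add_leg passes through it is not visible here. I would document the precondition above the allocation, e.g. `/* Caller must have checked the leg count against conflux_params_get_max_legs_set(). */`. The function starts and ends outside the hunk.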
@@ -731,6 +731,9 @@ try_finalize_set(unlinked_circuits_t *unlinked)
bool is_client;
tor_assert(unlinked);
+ tor_assert(unlinked->legs);
+ tor_assert(unlinked->cfx);
+ tor_assert(unlinked->cfx->legs);
/* Without legs, this is not ready to become a linked set. */
if (BUG(smartlist_len(unlinked->legs) == 0)) {
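Review bot: The three asserts added at the top of try_finalize_set abort the process, while the very next check uses `if (BUG(...))` followed by `goto end`, so this function already has a recoverable failure path. If a NULL `unlinked->cfx` or `unlinked->cfx->legs` could ever be reached from a peer's cells, which cannot be confirmed from this hunk, the assert turns one bad set into a crash of the whole relay or client. Consider `if (BUG(!unlinked->cfx || !unlinked->cfx->legs))` with the same `goto end` handling, or add a comment explaining why aborting is preferred here. The function body continues outside the hunk.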
@@ -738,6 +741,17 @@ try_finalize_set(unlinked_circuits_t *unlinked)
goto end;
}
+ /* If there are too many legs, we can't link. */
+ if (smartlist_len(unlinked->legs) +
+ smartlist_len(unlinked->cfx->legs) > conflux_params_get_max_legs_set()) {
+ log_fn(LOG_PROTOCOL_WARN, LD_CIRC,
+ "Conflux set has too many legs to link. "
+ "Rejecting this circuit.");
+ conflux_log_set(LOG_PROTOCOL_WARN, unlinked->cfx, unlinked->is_client);
+ err = ERR_LINK_CIRC_INVALID_LEG;
+ goto end;
+ }
+
/* Validate that all legs are coherent and parameters match. On failure, we
* teardown the whole unlinked set because this means we either have a code
* flow problem or the Exit is trying to trick us. */
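Review bot: The rejection message at the new leg-count check does not say how many legs were counted or what the limit was, so an operator reading the LOG_PROTOCOL_WARN line cannot tell a misbehaving peer from a changed parameter value. I would put the three values into the format string, e.g. `"Conflux set has too many legs to link (%d pending + %d in set > limit %d). "`, passing the two smartlist_len() results and the conflux_params_get_max_legs_set() value (cast to int if the getter returns a narrower type). A short comment that the sum counts the legs already in `unlinked->cfx` plus those still in `unlinked->legs` would also make the intent of the addition clear. try_finalize_set continues outside the hunk.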
@@ -1601,6 +1615,9 @@ linked_circuit_free(circuit_t *circ, bool is_client)
{
tor_assert(circ);
tor_assert(circ->conflux);
+ tor_assert(circ->conflux->legs);
+ tor_assert(circ->conflux->ooo_q);
+
if (is_client) {
tor_assert(circ->purpose == CIRCUIT_PURPOSE_CONFLUX_LINKED);
}