diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/common/sandbox.c | 1 | ||||
| -rw-r--r-- | src/or/buffers.c | 11 | ||||
| -rw-r--r-- | src/or/connection_edge.c | 5 | ||||
| -rw-r--r-- | src/test/testing_common.c | 7 |
4 files changed, 18 insertions, 6 deletions
diff --git a/src/common/sandbox.c b/src/common/sandbox.c index fe97af309e..49316c6193 100644 --- a/src/common/sandbox.c +++ b/src/common/sandbox.c @@ -176,6 +176,7 @@ static int filter_nopar_gen[] = { #endif SCMP_SYS(stat), SCMP_SYS(uname), + SCMP_SYS(wait4), SCMP_SYS(write), SCMP_SYS(writev), SCMP_SYS(exit_group), diff --git a/src/or/buffers.c b/src/or/buffers.c index 9f5dc70ed5..be9974418d 100644 --- a/src/or/buffers.c +++ b/src/or/buffers.c @@ -232,7 +232,7 @@ buf_pullup(buf_t *buf, size_t bytes, int nulterminate) size_t n = bytes - dest->datalen; src = dest->next; tor_assert(src); - if (n > src->datalen) { + if (n >= src->datalen) { memcpy(CHUNK_WRITE_PTR(dest), src->data, src->datalen); dest->datalen += src->datalen; dest->next = src->next; @@ -2436,7 +2436,14 @@ assert_buf_ok(buf_t *buf) total += ch->datalen; tor_assert(ch->datalen <= ch->memlen); tor_assert(ch->data >= &ch->mem[0]); - tor_assert(ch->data < &ch->mem[0]+ch->memlen); + tor_assert(ch->data <= &ch->mem[0]+ch->memlen); + if (ch->data == &ch->mem[0]+ch->memlen) { + static int warned = 0; + if (! warned) { + log_warn(LD_BUG, "Invariant violation in buf.c related to #15083"); + warned = 1; + } + } tor_assert(ch->data+ch->datalen <= &ch->mem[0] + ch->memlen); if (!ch->next) tor_assert(ch == buf->tail); diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 3c817decfb..2a1a2f0fd2 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -1598,7 +1598,6 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req) struct sockaddr_storage orig_dst; socklen_t orig_dst_len = sizeof(orig_dst); tor_addr_t addr; - int rv; #ifdef TRANS_TRPOXY if (options->TransProxyType_parsed == TPT_TPROXY) { @@ -1613,6 +1612,7 @@ destination_from_socket(entry_connection_t *conn, socks_request_t *req) #endif #ifdef TRANS_NETFILTER + int rv = -1; switch (ENTRY_TO_CONN(conn)->socket_family) { #ifdef TRANS_NETFILTER_IPV4 case AF_INET: @@ -1763,7 +1763,8 @@ connection_ap_get_original_destination(entry_connection_t *conn, if (options->TransProxyType_parsed == TPT_PF_DIVERT) return destination_from_socket(conn, req); - if (options->TransProxyType_parsed == TPT_DEFAULT) + if (options->TransProxyType_parsed == TPT_DEFAULT || + options->TransProxyType_parsed == TPT_IPFW) return destination_from_pf(conn, req); (void)conn; diff --git a/src/test/testing_common.c b/src/test/testing_common.c index d7d6dacee6..403c83bdd2 100644 --- a/src/test/testing_common.c +++ b/src/test/testing_common.c @@ -165,18 +165,21 @@ static crypto_pk_t *pregen_keys[5] = {NULL, NULL, NULL, NULL, NULL}; crypto_pk_t * pk_generate(int idx) { + int res; #ifdef CACHE_GENERATED_KEYS tor_assert(idx < N_PREGEN_KEYS); if (! pregen_keys[idx]) { pregen_keys[idx] = crypto_pk_new(); - tor_assert(!crypto_pk_generate_key(pregen_keys[idx])); + res = crypto_pk_generate_key(pregen_keys[idx]); + tor_assert(!res); } return crypto_pk_dup_key(pregen_keys[idx]); #else crypto_pk_t *result; (void) idx; result = crypto_pk_new(); - tor_assert(!crypto_pk_generate_key(result)); + res = crypto_pk_generate_key(result); + tor_assert(!res); return result; #endif } |