| Age | Commit message (Collapse) | Author |
|---|
|
Check all date/time values passed to tor_timegm
and parse_rfc1123_time for validity, taking leap
years into account.
Improves HTTP header validation.
Avoid unlikely signed integer overflow in tor_timegm
on systems with 32-bit time_t.
Fixes bug 13476.
|
|
|
|
Fix an instance of integer overflow in format_time_interval() when
taking the absolute value of the supplied signed interval value.
Fixes bug 13393.
Create unit tests for format_time_interval().
|
|
|
|
Part of 13104; patch from teor.
|
|
(Patch from teor on 13104)
|
|
This fixes bug 13102 (not on any released Tor) where using the
standard SSIZE_MAX name broke mingw64, and we didn't realize.
I did this with
perl -i -pe 's/SIZE_T_MAX/SIZE_MAX/' src/*/*.[ch] src/*/*/*.[ch]
|
|
|
|
The clangalyzer doesn't believe our math here. I'm pretty sure our
math is right. Also, add some unit tests.
|
|
Also, make MALLOC_ZERO_WORKS never get applied when clang analyzer is
running. This should make the clangalyzer a little happier.
|
|
[CID 718609]
|
|
|
|
|
|
|
|
As far as I know, nobody has used this in ages. It would be a
pretty big surprise if it had worked.
Closes ticket 11446.
|
|
Conflicts:
src/common/include.am
|
|
When we create a process yourself with CreateProcess, we get a
handle to the process in the PROCESS_INFO output structure. But
instead of using that handle, we were manually looking up a _new_
handle based on the process ID, which is a poor idea, since the
process ID might refer to a new process later on, but the handle
can't.
|
|
This lets us avoid sending SIGTERM to something that has already
died, since we realize it has already died, and is a fix for the
unix version of #8746.
|
|
|
|
|
|
When running with User set, we frequently try to look up our
information in the user database (e.g., /etc/passwd). The seccomp2
sandbox setup doesn't let us open /etc/passwd, and probably
shouldn't.
To fix this, we have a pair of wrappers for getpwnam and getpwuid.
When a real call to getpwnam or getpwuid fails, they fall back to a
cached value, if the uid/gid matches.
(Granting access to /etc/passwd isn't possible with the way we
handle opening files through the sandbox. It's not desirable either.)
|
|
|
|
Fix for bug 9781; bugfix on cd05f35d2cdf50 in 0.2.4.2-alpha.
|
|
On OpenBSD 5.4, time_t is a 32-bit integer. These instances contain
implicit treatment of long and time_t as comparable types, so explicitly
cast to time_t.
|
|
No code has changed; only moved. Part of a fix for 9781.
|
|
|
|
|
|
Fixes bug 11605; bugfix on 0.2.4.10-alpha.
|
|
(It's nice to know what we were about to rename before we died from
renaming it.)
|
|
|
|
|
|
Help to diagnose #11233
|
|
Most of these are simple. The only nontrivial part is that our
pattern for using ENUM_BF was confusing doxygen by making declarations
that didn't look like declarations.
|
|
|
|
This flag prevents the creation of a console window popup on Windows. We
need it for pluggable transport executables--otherwise you get blank
console windows when you launch the 3.x browser bundle with transports
enabled.
http://msdn.microsoft.com/en-us/library/ms684863.aspx#CREATE_NO_WINDOW
The browser bundles that used Vidalia used to set this flag when
launching tor itself; it was apparently inherited by the pluggable
transports launched by tor. In the 3.x bundles, tor is launched by some
JavaScript code, which doesn't have the ability to set CREATE_NO_WINDOW.
tor itself is now being compiled with the -mwindows option, so that it
is a GUI application, not a console application, and doesn't show a
console window in any case. This workaround doesn't work for pluggable
transports, because they need to be able to write control messages to
stdout.
https://trac.torproject.org/projects/tor/ticket/9444#comment:30
|
|
Fixes CID 743381
|
|
|
|
Conflicts:
src/common/sandbox.c
src/common/sandbox.h
src/common/util.c
src/or/main.c
src/test/include.am
src/test/test.c
|
|
|
|
This meant moving a fair bit of code around, and writing a signal
cleanup function. Still pretty nice from what I can tell, though.
|
|
On platforms with the backtrace/backtrace_symbols_fd interface, Tor
can now dump stack traces on assertion failure. By default, I log
them to DataDir/stack_dump and to stderr.
|
|
Conflicts:
src/or/relay.c
Conflict changes were easy; compilation fixes required were using
using TOR_SIMPLEQ_FIRST to get head of cell queue.
|
|
Conflicts:
src/or/or.h
src/or/relay.c
Conflicts were simple to resolve. More fixes were needed for
compilation, including: reinstating the tv_to_msec function, and renaming
*_conn_cells to *_chan_cells.
|
|
|
|
|
|
|
|
|
|
Fix format_helper_exit_status to allow full HEX_ERRNO_SIZE answers,
*and* increase the buffer length again.
|
|
|
|
|
