| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Bug reported and diagnosed in:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975977
Fixes bug #40210.
|
|
Typos found with codespell.
Please keep in mind that this should have impact on actual code
and must be carefully evaluated:
src/core/or/lttng_circuit.inc
- ctf_enum_value("CONTROLER", CIRCUIT_PURPOSE_CONTROLLER)
+ ctf_enum_value("CONTROLLER", CIRCUIT_PURPOSE_CONTROLLER)
|
|
|
|
This way, doxygen can include it.
|
|
Closes #32661
|
|
Amazingly, this time we had no merge conflicts with "falls through" comments.
|
|
GCC added an implicit-fallthrough warning a while back, where it
would complain if you had a nontrivial "case:" block that didn't end
with break, return, or something like that. Clang recently added
the same thing.
GCC, however, would let you annotate a fall-through as intended by
any of various magic "/* fall through */" comments. Clang, however,
only seems to like "__attribute__((fallthrough))". Fortunately, GCC
accepts that too.
A previous commit in this branch defined a FALLTHROUGH macro to do
the right thing if GNUC is defined; here we replace all of our "fall
through" comments with uses of that macro.
This is an automated commit, made with the following perl one-liner:
#!/usr/bin/perl -i -p
s#/\* *falls? ?thr.*?\*/#FALLTHROUGH;#i;
(In order to avoid conflicts, I'm applying this script separately to
each maint branch. This is the 0.4.3 version.)
|
|
GCC added an implicit-fallthrough warning a while back, where it
would complain if you had a nontrivial "case:" block that didn't end
with break, return, or something like that. Clang recently added
the same thing.
GCC, however, would let you annotate a fall-through as intended by
any of various magic "/* fall through */" comments. Clang, however,
only seems to like "__attribute__((fallthrough))". Fortunately, GCC
accepts that too.
A previous commit in this branch defined a FALLTHROUGH macro to do
the right thing if GNUC is defined; here we replace all of our "fall
through" comments with uses of that macro.
This is an automated commit, made with the following perl one-liner:
#!/usr/bin/perl -i -p
s#/\* *falls? ?thr.*?\*/#FALLTHROUGH;#i;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Doing this gives us a valid uint64_t type, freeing us from
dependencies on include order.
|
|
Also, include torerr.h from ht.h if we are using raw_assert.
Otherwise, our includes need to be ordered so that ht.h comes after
util_log.h.
|
|
We were actually omitting the semicolon in a few places, leading to
confusing indentation and some cocci failures.
|
|
Closes ticket 32732.
|
|
|
|
This is an automated commit, generated by this command:
./scripts/maint/rename_c_identifier.py \
address_ttl_s address_ttl_t \
aes_cnt_cipher aes_cnt_cipher_t \
authchallenge_data_s authchallenge_data_t \
authenticate_data_s authenticate_data_t \
cached_bw_event_s cached_bw_event_t \
cbuf cbuf_t \
cell_ewma_s cell_ewma_t \
certs_data_s certs_data_t \
channel_idmap_entry_s channel_idmap_entry_t \
channel_listener_s channel_listener_t \
channel_s channel_t \
channel_tls_s channel_tls_t \
circuit_build_times_s circuit_build_times_t \
circuit_muxinfo_s circuit_muxinfo_t \
circuitmux_policy_circ_data_s circuitmux_policy_circ_data_t \
circuitmux_policy_data_s circuitmux_policy_data_t \
circuitmux_policy_s circuitmux_policy_t \
circuitmux_s circuitmux_t \
coord coord_t \
cpuworker_job_u cpuworker_job_u_t \
cv_testinfo_s cv_testinfo_t \
ddmap_entry_s ddmap_entry_t \
dircollator_s dircollator_t \
dist_ops dist_ops_t \
ecdh_work_s ecdh_work_t \
ewma_policy_circ_data_s ewma_policy_circ_data_t \
ewma_policy_data_s ewma_policy_data_t \
fp_pair_map_entry_s fp_pair_map_entry_t \
fp_pair_map_s fp_pair_map_t \
guard_selection_s guard_selection_t \
mbw_cache_entry_s mbw_cache_entry_t \
outbuf_table_ent_s outbuf_table_ent_t \
queued_event_s queued_event_t \
replyqueue_s replyqueue_t \
rsa_work_s rsa_work_t \
sandbox_cfg_elem sandbox_cfg_elem_t \
scheduler_s scheduler_t \
smp_param smp_param_t \
socket_table_ent_s socket_table_ent_t \
state_s state_t \
threadpool_s threadpool_t \
timeout_cb timeout_cb_t \
tor_libevent_cfg tor_libevent_cfg_t \
tor_threadlocal_s tor_threadlocal_t \
url_table_ent_s url_table_ent_t \
worker_state_s worker_state_t \
workerthread_s workerthread_t \
workqueue_entry_s workqueue_entry_t
|
|
Coverity has had trouble figuring out our csiphash implementation,
and has given spurious warnings about its behavior.
This patch changes the csiphash implementation when coverity is in
use, so that coverity can figure out that we are not about to read
beyond the provided input.
Closes ticket 31025.
|
|
This is to avoid having two sendme.{c|h} in the repository since the subsystem
is implemented in src/core/or/sendme.{c|h}.
Fixes #30769
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
|
|
The function compat_getdelim_ is used for tor_getline if tor is compiled
on a system that lacks getline and getdelim. These systems should be
very rare, considering that getdelim is POSIX.
If this system is further a 32 bit architecture, it is possible to
trigger a double free with huge files.
If bufsiz has been already increased to 2 GB, the next chunk would
be 4 GB in size, which wraps around to 0 due to 32 bit limitations.
A realloc(*buf, 0) could be imagined as "free(*buf); return malloc(0);"
which therefore could return NULL. The code in question considers
that an error, but will keep the value of *buf pointing to already
freed memory.
The caller of tor_getline() would free the pointer again, therefore
leading to a double free.
This code can only be triggered in dirserv_read_measured_bandwidths
with a huge measured bandwith list file on a system that actually
allows to reach 2 GB of space through realloc.
It is not possible to trigger this on Linux with glibc or other major
*BSD systems even on unit tests, because these systems cannot reach
so much memory due to memory fragmentation.
This patch is effectively based on the penetration test report of
cure53 for curl available at https://cure53.de/pentest-report_curl.pdf
and explained under section "CRL-01-007 Double-free in aprintf() via
unsafe size_t multiplication (Medium)".
|
|
Closes ticket 28806.
|
|
Part of 28837.
|
|
|
|
|
|
|
|
Prior to this commit, the testsuite was failing on OpenBSD. After
this commit the testsuite runs fine on OpenBSD.
It was previously decided to test for the OpenBSD macro (rather than
__OpenBSD__, etc.) because OpenBSD forks seem to have the former
macro defined. sys/param.h must be included for the OpenBSD macro
definition; however, many files tested for the OpenBSD macro without
having this header included.
This commit includes sys/param.h in the files where the OpenBSD macro
is used (and sys/param.h is not already included), and it also
changes some instances of the __OpenBSD__ macro to OpenBSD.
See commit 27df23abb675ffeb198bf0c1cc85c4baed77a988 which changed
everything to use OpenBSD instead of __OpenBSD__ or OPENBSD. See
also tickets #6982 and #20980 (the latter ticket is where it was
decided to use the OpenBSD macro).
Signed-off-by: Kris Katterjohn <katterjohn@gmail.com>
|
|
|
|
Also, resolve a circular dependency involving the use of lib/log by
csiphash.c.
|
|
|
|
|
|
|
|
|
|
It's possible for a unit test to report success via its pipe, but to
fail as it tries to clean up and exit. Notably, this happens on a
leak sanitizer failure.
Fixes bug 27658; bugfix on 0.2.2.4-alpha when tinytest was
introduced.
|
|
OSS-Fuzz's version of memorysanitizer can't tell that this value is
not going to be used unsafely.
|
|
|
|
|
|
We need this in our unit tests, since otherwise NSS will notice
we've forked and start cussing us out.
I suspect we'll need a different hack for daemonizing, but this
should be enough for tinytest to work.
|
|
See: https://bugs.torproject.org/26437
|
|
|
|
We shouldn't actually need this code nearly anywhere we build:
getdelim is POSIX, and mingw provides it.
|
|
|
|
|
