From e62b8bce5a88f8fa38a62ab503df7f0eecfb1d22 Mon Sep 17 00:00:00 2001 From: David Goulet Date: Tue, 7 Nov 2023 13:50:28 -0500 Subject: hs: Fix assert in hs_metrics_update_by_ident() The hs_metrics_failed_rdv() macro could pass a NULL value for the identity key when a building circuit would end up in a failure path *before* the "hs_ident" was able to be set which leading to this assert. This was introduced in 0.4.8.1-alpha with the addition of rendezvous circuit failure metrics for the MetricsPort. This fixes TROVE-2023-006 for which its severity is considered high. Signed-off-by: David Goulet --- changes/ticket40883 | 4 ++++ src/feature/hs/hs_metrics.c | 7 ++++++- 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 changes/ticket40883 diff --git a/changes/ticket40883 b/changes/ticket40883 new file mode 100644 index 0000000000..1186571122 --- /dev/null +++ b/changes/ticket40883 @@ -0,0 +1,4 @@ + o Major bugfixes (onion service, TROVE-2023-006): + - Fix a possible hard assert on a NULL pointer when recording a failed + rendezvous circuit on the service side for the MetricsPort. Fixes bug + 40883; bugfix on 0.4.8.1-alpha diff --git a/src/feature/hs/hs_metrics.c b/src/feature/hs/hs_metrics.c index 19a330a01e..4ce91c2b32 100644 --- a/src/feature/hs/hs_metrics.c +++ b/src/feature/hs/hs_metrics.c @@ -199,7 +199,12 @@ hs_metrics_update_by_ident(const hs_metrics_key_t key, { hs_service_t *service; - tor_assert(ident_pk); + if (!ident_pk) { + /* We can end up here in case this is used from a failure/closing path for + * which we might not have any identity key attacehed to a circuit or + * connection yet. Simply don't assume we have one. */ + return; + } service = hs_service_find(ident_pk); if (!service) { -- cgit v1.2.3-54-g00ecf