From ff5584034361154de381874e1a24d0a421aa0631 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Fri, 10 May 2019 17:47:43 -0400 Subject: Don't pass a NULL into a %s when logging client auth file load failure Fortunately, in 0.3.5.1-alpha we improved logging for various failure cases involved with onion service client auth. Unfortunately, for this one, we freed the file right before logging its name. Fortunately, tor_free() sets its pointer to NULL, so we didn't have a use-after-free bug. Unfortunately, passing NULL to %s is not defined. Fortunately, GCC 9.1.1 caught the issue! Unfortunately, nobody has actually tried building Tor with GCC 9.1.1 before. Or if they had, they didn't report the warning. Fixes bug 30475; bugfix on 0.3.5.1-alpha. --- src/feature/hs/hs_service.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/feature/hs') diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index 828ca1da45..4029290364 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -1259,16 +1259,16 @@ load_client_keys(hs_service_t *service) client_key_file_path = hs_path_from_filename(client_keys_dir_path, filename); client_key_str = read_file_to_str(client_key_file_path, 0, NULL); - /* Free immediately after using it. */ - tor_free(client_key_file_path); /* If we cannot read the file, continue with the next file. */ if (!client_key_str) { log_warn(LD_REND, "Client authorization file %s can't be read. " "Corrupted or verify permission? Ignoring.", client_key_file_path); + tor_free(client_key_file_path); continue; } + tor_free(client_key_file_path); client = parse_authorized_client(client_key_str); /* Wipe and free immediately after using it. */ -- cgit v1.2.3-54-g00ecf