begin_cell_parse(): Add an assertion to please coverity.

author Nick Mathewson <nickm@torproject.org>

Fri, 28 Jun 2019 15:27:59 +0000 (11:27 -0400)

committer Nick Mathewson <nickm@torproject.org>

Fri, 28 Jun 2019 15:29:51 +0000 (11:29 -0400)
author Nick Mathewson <nickm@torproject.org>
Fri, 28 Jun 2019 15:27:59 +0000 (11:27 -0400)
committer Nick Mathewson <nickm@torproject.org>
Fri, 28 Jun 2019 15:29:51 +0000 (11:29 -0400)
diff --git a/changes/ticket31026 b/changes/ticket31026

new file mode 100644 (file)

index 0000000..6f6abcf
--- /dev/null
+++ b/changes/ticket31026
@@ -0,0 +1,5 @@
+  o Minor bugfixes (coverity compliance):
+    - Add an assertion when parsing a BEGIN cell so that coverity can be sure
+      that we are not about to dereference a NULL address.
+      Fixes bug 31026; bugfix on 0.2.4.7-alpha.  This is CID
+      1447296.
diff --git a/scripts/maint/practracker/exceptions.txt b/scripts/maint/practracker/exceptions.txt

index 3ed76a2bfd46162ccb15d8908fa276528a2fce7d..e29d3b6076f84f389ae6ad1668b8c87f32ac7955 100644 (file)
--- a/scripts/maint/practracker/exceptions.txt
+++ b/scripts/maint/practracker/exceptions.txt
@@ -101,7 +101,7 @@ problem function-size /src/core/or/circuituse.c:circuit_get_open_circ_or_launch(
  problem function-size /src/core/or/circuituse.c:connection_ap_handshake_attach_circuit() 244
  problem function-size /src/core/or/command.c:command_process_create_cell() 156
  problem function-size /src/core/or/command.c:command_process_relay_cell() 132
-problem file-size /src/core/or/connection_edge.c 4595
+problem file-size /src/core/or/connection_edge.c 4596
  problem include-count /src/core/or/connection_edge.c 65
  problem function-size /src/core/or/connection_edge.c:connection_ap_expire_beginning() 117
  problem function-size /src/core/or/connection_edge.c:connection_ap_handshake_rewrite() 192
@@ -109,7 +109,7 @@ problem function-size /src/core/or/connection_edge.c:connection_ap_handle_onion(
  problem function-size /src/core/or/connection_edge.c:connection_ap_handshake_rewrite_and_attach() 423
  problem function-size /src/core/or/connection_edge.c:connection_ap_handshake_send_begin() 111
  problem function-size /src/core/or/connection_edge.c:connection_ap_handshake_socks_resolved() 106
-problem function-size /src/core/or/connection_edge.c:connection_exit_begin_conn() 184
+problem function-size /src/core/or/connection_edge.c:connection_exit_begin_conn() 185
  problem function-size /src/core/or/connection_edge.c:connection_exit_connect() 102
  problem file-size /src/core/or/connection_or.c 3124
  problem include-count /src/core/or/connection_or.c 51
diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c

index c08d2a9ff56dc0b82fe68f129736466073cc1b0b..091d9c9b092808157604dfa6250711d97fd2c218 100644 (file)
--- a/src/core/or/connection_edge.c
+++ b/src/core/or/connection_edge.c
@@ -3833,6 +3833,7 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
  
    if (! bcell.is_begindir) {
      /* Steal reference */
+    tor_assert(bcell.address);
      address = bcell.address;
      port = bcell.port;
author	Nick Mathewson <nickm@torproject.org>
	Fri, 28 Jun 2019 15:27:59 +0000 (11:27 -0400)
committer	Nick Mathewson <nickm@torproject.org>
	Fri, 28 Jun 2019 15:29:51 +0000 (11:29 -0400)
changes/ticket31026	[new file with mode: 0644]	patch \| blob
scripts/maint/practracker/exceptions.txt		patch \| blob \| blame \| history
src/core/or/connection_edge.c		patch \| blob \| blame \| history