Make internal error check for unrecognized digest algorithm more robust

author Nick Mathewson <nickm@torproject.org>

Thu, 6 Oct 2011 17:02:50 +0000 (13:02 -0400)

committer Nick Mathewson <nickm@torproject.org>

Thu, 6 Oct 2011 18:13:09 +0000 (14:13 -0400)
author Nick Mathewson <nickm@torproject.org>
Thu, 6 Oct 2011 17:02:50 +0000 (13:02 -0400)
committer Nick Mathewson <nickm@torproject.org>
Thu, 6 Oct 2011 18:13:09 +0000 (14:13 -0400)
diff --git a/changes/cov479 b/changes/cov479

new file mode 100644 (file)

index 0000000..afbaffc
--- /dev/null
+++ b/changes/cov479
@@ -0,0 +1,5 @@
+  o Minor bugfixes:
+    - Fix internal bug-checking logic that was supposed to catch
+      failures in digest generation so that it will fail more robustly
+      if we ask for a nonexistent algorithm. Found by Coverity Scan.
+      Bugfix on 0.2.2.1-alpha; fixes Coverity CID 479.
diff --git a/src/common/crypto.c b/src/common/crypto.c

index 851f11bf3bc90978e55cdd0b70ca1dca4099117a..235bd88ffa3de76223f8de94d9326f1119c95e17 100644 (file)
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1663,6 +1663,10 @@ crypto_digest_get_digest(crypto_digest_env_t *digest,
        SHA256_Final(r, &tmpenv.d.sha2);
        break;
      default:
+      log_warn(LD_BUG, "Called with unknown algorithm %d", digest->algorithm);
+      /* If fragile_assert is not enabled, then we should at least not
+       * leak anything. */
+      memset(r, 0xff, sizeof(r));
        tor_fragile_assert();
        break;
    }
author	Nick Mathewson <nickm@torproject.org>
	Thu, 6 Oct 2011 17:02:50 +0000 (13:02 -0400)
committer	Nick Mathewson <nickm@torproject.org>
	Thu, 6 Oct 2011 18:13:09 +0000 (14:13 -0400)
changes/cov479	[new file with mode: 0644]	patch \| blob
src/common/crypto.c		patch \| blob \| blame \| history