Ensure signing_key is non-NULL before accessing one of its members

author teor <teor2345@gmail.com>

Tue, 2 Jun 2015 17:56:05 +0000 (03:56 +1000)

committer teor <teor2345@gmail.com>

Tue, 2 Jun 2015 18:19:05 +0000 (04:19 +1000)
author teor <teor2345@gmail.com>
Tue, 2 Jun 2015 17:56:05 +0000 (03:56 +1000)
committer teor <teor2345@gmail.com>
Tue, 2 Jun 2015 18:19:05 +0000 (04:19 +1000)
diff --git a/changes/bug16115-signing-key-NULL-check b/changes/bug16115-signing-key-NULL-check

new file mode 100644 (file)

index 0000000..3d4f05b
--- /dev/null
+++ b/changes/bug16115-signing-key-NULL-check
@@ -0,0 +1,6 @@
+  o Minor fixes (threads, comments):
+    - Ensure signing_key is non-NULL before accessing one of its members
+      signing_key can be NULL in ed_key_init_from_file in routerkeys.c.
+      Discovered by clang 3.7 address sanitizer.
+      Patch by "teor".
+      Fix on c03694938ed0, not in any released version of Tor.
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c

index b17d1958f78c6ac91c356a43d5982dc21781487d..e79204cf09d1c86f3a486a1d9fee4b5c3084a7b0 100644 (file)
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -152,7 +152,8 @@ ed_key_init_from_file(const char *fname, uint32_t flags,
                          ED25519_PUBKEY_LEN)) {
      tor_log(severity, LD_OR, "Cert was for wrong key");
      bad_cert = 1;
-  } else if (tor_cert_checksig(cert, &signing_key->pubkey, now) < 0 &&
+  } else if (signing_key &&
+             tor_cert_checksig(cert, &signing_key->pubkey, now) < 0 &&
               (signing_key || cert->cert_expired)) {
      tor_log(severity, LD_OR, "Can't check certificate");
      bad_cert = 1;
author	teor <teor2345@gmail.com>
	Tue, 2 Jun 2015 17:56:05 +0000 (03:56 +1000)
committer	teor <teor2345@gmail.com>
	Tue, 2 Jun 2015 18:19:05 +0000 (04:19 +1000)
changes/bug16115-signing-key-NULL-check	[new file with mode: 0644]	patch \| blob
src/or/routerkeys.c		patch \| blob \| blame \| history