Assert that some trunnel _new() functions return non-NULL

The trunnel functions are written under the assumption that their
allocators can fail, so GCC LTO thinks they might return NULL.  In
point of fact, they're using tor_malloc() and friends, which can't
fail, but GCC won't necessarily figure that out.

Fixes part of #27772.

diff --git a/src/core/proto/proto_socks.c b/src/core/proto/proto_socks.c
index ccf96f78140a5daa9940830e37cb105b47c85277..e2f233ad0505cb57e3186d4053ff3c4051042e91 100644 (file)
--- a/src/core/proto/proto_socks.c
+++ b/src/core/proto/proto_socks.c
@@ -353,6 +353,7 @@ process_socks5_methods_request(socks_request_t *req, int have_user_pass,
 {
   socks_result_t res = SOCKS_RESULT_DONE;
   socks5_server_method_t *trunnel_resp = socks5_server_method_new();
+  tor_assert(trunnel_resp);
 
   socks5_server_method_set_version(trunnel_resp, SOCKS_VER_5);
 
@@ -478,6 +479,7 @@ process_socks5_userpass_auth(socks_request_t *req)
   socks_result_t res = SOCKS_RESULT_DONE;
   socks5_server_userpass_auth_t *trunnel_resp =
     socks5_server_userpass_auth_new();
+  tor_assert(trunnel_resp);
 
   if (req->socks_version != SOCKS_VER_5) {
     res = SOCKS_RESULT_INVALID;
@@ -869,6 +871,7 @@ socks_request_set_socks5_error(socks_request_t *req,
                   socks5_reply_status_t reason)
 {
   socks5_server_reply_t *trunnel_resp = socks5_server_reply_new();
+  tor_assert(trunnel_resp);
 
   socks5_server_reply_set_version(trunnel_resp, SOCKS_VER_5);
   socks5_server_reply_set_reply(trunnel_resp, reason);

diff --git a/src/feature/nodelist/torcert.c b/src/feature/nodelist/torcert.c
index fe67e564038e6d584f0e55924539c39d276bfa5a..f31e8ed77d9ea866d6e3601171239495dc959f28 100644 (file)
--- a/src/feature/nodelist/torcert.c
+++ b/src/feature/nodelist/torcert.c
@@ -51,6 +51,7 @@ tor_cert_sign_impl(const ed25519_keypair_t *signing_key,
   tor_cert_t *torcert = NULL;
 
   ed25519_cert_t *cert = ed25519_cert_new();
+  tor_assert(cert); // Trunnel's new functions can return NULL.
   cert->cert_type = cert_type;
   cert->exp_field = (uint32_t) CEIL_DIV(now + lifetime, 3600);
   cert->cert_key_type = signed_key_type;

diff --git a/src/lib/crypt_ops/crypto_pwbox.c b/src/lib/crypt_ops/crypto_pwbox.c
index 2377f216a07f8d85b7a90029fd3042ce7d271f20..91536e891bb4aa94b832f5d1cdc7c051bf6dc751 100644 (file)
--- a/src/lib/crypt_ops/crypto_pwbox.c
+++ b/src/lib/crypt_ops/crypto_pwbox.c
@@ -61,6 +61,7 @@ crypto_pwbox(uint8_t **out, size_t *outlen_out,
   int rv;
 
   enc = pwbox_encoded_new();
+  tor_assert(enc);
 
   pwbox_encoded_setlen_skey_header(enc, S2K_MAXLEN);