Handle the case where tor-gencert gets a passphrase with no NL

Closes ticket 17443.

diff --git a/changes/bug17443 b/changes/bug17443
new file mode 100644 (file)
index 0000000..e4c040b
--- /dev/null
+++ b/changes/bug17443
@@ -0,0 +1,5 @@
+  o Minor bugfixes (tor-gencert):
+    - Correctly handle the case where an authority operator enters a
+      passphrase but sends an EOF before sending a newline.
+      Fixes bug 17443; bugfix on 0.2.0.20-rc. Found by "junglefowl".
+

diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c
index e833aa9ef502920e082bbc5b56fcbddc4bf43c7c..4e5e1dc590f4aa544b12a47c2ffd0f819b213828 100644 (file)
--- a/src/tools/tor-gencert.c
+++ b/src/tools/tor-gencert.c
@@ -96,14 +96,21 @@ load_passphrase(void)
 {
   char *cp;
   char buf[1024]; /* "Ought to be enough for anybody." */
+  memset(buf, 0, sizeof(buf)); /* should be needless */
   ssize_t n = read_all(passphrase_fd, buf, sizeof(buf), 0);
   if (n < 0) {
     log_err(LD_GENERAL, "Couldn't read from passphrase fd: %s",
             strerror(errno));
     return -1;
   }
+  /* We'll take everything from the buffer except for optional terminating
+   * newline. */
   cp = memchr(buf, '\n', n);
-  passphrase_len = cp-buf;
+  if (cp == NULL) {
+    passphrase_len = n;
+  } else {
+    passphrase_len = cp-buf;
+  }
   passphrase = tor_strndup(buf, passphrase_len);
   memwipe(buf, 0, sizeof(buf));
   return 0;