From: Nick Mathewson <nickm@torproject.org>
Date: Thu, 6 Oct 2011 17:02:50 +0000 (-0400)
Subject: Make internal error check for unrecognized digest algorithm more robust
X-Git-Tag: tor-0.2.2.34~8^2^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=246afc1b1ba8c81557307bfffa5291c91cc2c782;p=thirdparty%2Ftor.git

Make internal error check for unrecognized digest algorithm more robust

Fixes Coverity CID 479.
---

diff --git a/changes/cov479 b/changes/cov479
new file mode 100644
index 0000000000..afbaffc63b
--- /dev/null
+++ b/changes/cov479
@@ -0,0 +1,5 @@
+  o Minor bugfixes:
+    - Fix internal bug-checking logic that was supposed to catch
+      failures in digest generation so that it will fail more robustly
+      if we ask for a nonexistent algorithm. Found by Coverity Scan.
+      Bugfix on 0.2.2.1-alpha; fixes Coverity CID 479.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 851f11bf3b..235bd88ffa 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1663,6 +1663,10 @@ crypto_digest_get_digest(crypto_digest_env_t *digest,
       SHA256_Final(r, &tmpenv.d.sha2);
       break;
     default:
+      log_warn(LD_BUG, "Called with unknown algorithm %d", digest->algorithm);
+      /* If fragile_assert is not enabled, then we should at least not
+       * leak anything. */
+      memset(r, 0xff, sizeof(r));
       tor_fragile_assert();
       break;
   }