From: Nick Mathewson Date: Thu, 11 Sep 2014 03:46:20 +0000 (-0400) Subject: In routerlist_assert_ok(), check r2 before taking &(r2->cache_info) X-Git-Tag: tor-0.2.6.1-alpha~135^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3c2c6a61163cd6a42cc0eeee9fc43200b9f08503;p=thirdparty%2Ftor.git In routerlist_assert_ok(), check r2 before taking &(r2->cache_info) Technically, we're not allowed to take the address of a member can't exist relative to the null pointer. That makes me wonder how any sane compliant system implements the offsetof macro, but let's let sleeping balrogs lie. Fixes 13096; patch on 0.1.1.9-alpha; patch from "teor", who was using clang -fsanitize=undefined-trap -fsanitize-undefined-trap-on-error -ftrapv --- diff --git a/changes/bug13096 b/changes/bug13096 new file mode 100644 index 0000000000..521faaf143 --- /dev/null +++ b/changes/bug13096 @@ -0,0 +1,4 @@ + o Minor bugfixes (conformance): + - In routerlist_assert_ok(), don't take the address of a routerinfo's + cache_info member unless that routerinfo is non-NULL. Fixes bug + 13096; bugfix on 0.1.1.9-alpha. Patch by "teor". diff --git a/src/or/routerlist.c b/src/or/routerlist.c index b5e924522e..32cbe19379 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -4938,7 +4938,7 @@ routerlist_assert_ok(const routerlist_t *rl) } SMARTLIST_FOREACH_END(r); SMARTLIST_FOREACH_BEGIN(rl->old_routers, signed_descriptor_t *, sd) { r2 = rimap_get(rl->identity_map, sd->identity_digest); - tor_assert(sd != &(r2->cache_info)); + tor_assert(!r2 || sd != &(r2->cache_info)); sd2 = sdmap_get(rl->desc_digest_map, sd->signed_descriptor_digest); tor_assert(sd == sd2); tor_assert(sd->routerlist_index == sd_sl_idx);
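Review bot: in the src/or/routerlist.c hunk, the new assertion `tor_assert(!r2 || sd != &(r2->cache_info));` passes silently when `rimap_get()` returns NULL, and nothing at that line says whether a NULL `r2` is an expected state for an entry in `rl->old_routers` or a sign of a missing identity_map entry. A one-line comment above the assertion stating that an old descriptor may have no current routerinfo in `identity_map` would make the intent clear. Without it, a later reader cannot tell a deliberate skip from a weakened invariant check. It is also worth confirming that no other lookup in routerlist_assert_ok() takes the address of a member through a pointer that may be NULL, since the commit message reports that the sanitizer build trapped on this form.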