From: Nick Mathewson <nickm@torproject.org>
Date: Wed, 11 Jul 2012 13:57:58 +0000 (-0400)
Subject: Check ewma_enabled before doing circ-has-become-inactive check
X-Git-Tag: tor-0.2.4.3-alpha~40^2^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5ade2786050dcf07ee6491145add86da5c21739d;p=thirdparty%2Ftor.git

Check ewma_enabled before doing circ-has-become-inactive check

This avoids a possible crash bug in flush_from_first_active_circuit.

Fixes bug 6341; bugfix on 0.2.2.7-alpha.

Bug reported and fixed by a pseudonymous user on IRC.
---

diff --git a/changes/bug6341 b/changes/bug6341
new file mode 100644
index 0000000000..04e52c7cd3
--- /dev/null
+++ b/changes/bug6341
@@ -0,0 +1,5 @@
+  o Major bugfixes:
+    - Fix a possible crash bug when checking for deactivated circuits
+      in connection_or_flush_from_first_active_circuit(). Fixes bug 
+      6341; bugfix on 0.2.2.7-alpha. Bug report and fix received
+      pseudonymously.
diff --git a/src/or/relay.c b/src/or/relay.c
index 3e418ea13f..b1913e766f 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -2464,7 +2464,7 @@ connection_or_flush_from_first_active_circuit(or_connection_t *conn, int max,
       tor_assert(tmp == cell_ewma);
       add_cell_ewma_to_conn(conn, cell_ewma);
     }
-    if (circ != conn->active_circuits) {
+    if (!ewma_enabled && circ != conn->active_circuits) {
       /* If this happens, the current circuit just got made inactive by
        * a call in connection_write_to_buf().  That's nothing to worry about:
        * circuit_make_inactive_on_conn() already advanced conn->active_circuits