From 3ebe960f3f734322ea3ea471ca6abceb245ca322 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 23 Nov 2011 23:04:10 -0500 Subject: [PATCH] Detect tor_addr_to_str failure in tor_dup_addr. This avoids a possible strdup of an uninitialized buffer. Fixes 4529; fix on 0.2.1.3-alpha; reported by troll_un. --- changes/bug4529 | 5 +++++ src/common/address.c | 7 +++++-- 2 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 changes/bug4529 diff --git a/changes/bug4529 b/changes/bug4529 new file mode 100644 index 0000000000..89d10b2f6b --- /dev/null +++ b/changes/bug4529 @@ -0,0 +1,5 @@ + o Minor bufixes: + - If we had ever tried to call tor_addr_to_str on an address of + unknown type, we would have done a strdup on an uninitialized + buffer. Now we won't. Fixes bug 4529; bugfix on 0.2.1.3-alpha. + Reported by "troll_un". diff --git a/src/common/address.c b/src/common/address.c index 7fc7301051..46ccb1fe4a 100644 --- a/src/common/address.c +++ b/src/common/address.c @@ -945,8 +945,11 @@ char * tor_dup_addr(const tor_addr_t *addr) { char buf[TOR_ADDR_BUF_LEN]; - tor_addr_to_str(buf, addr, sizeof(buf), 0); - return tor_strdup(buf); + if (tor_addr_to_str(buf, addr, sizeof(buf), 0)) { + return tor_strdup(buf); + } else { + return tor_strdup(""); + } } /** Return a string representing the address addr. This string is -- 2.47.3