mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-24 22:58:50 +01:00
Code Issues Projects Releases Wiki Activity

sendme: Fix coverity CID 1444999

Browse source 
The code flow in theory can end up with a layer_hint to be NULL but in
practice it should never happen because with an origin circuit, we must have
the layer_hint.

Just in case, BUG() on it if we ever end up in this situation and recover by
closing the circuit.

Fixes #30467.

Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit is contained in:
David Goulet 2019-05-13 10:00:39 -04:00
parent 2f44786e30
commit def96ce838
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/core/or/sendme.c
View file

@ -412,6 +412,11 @@ sendme_process_circuit_level(crypt_path_t *layer_hint,
/* If we are the origin of the circuit, we are the Client so we use the
* layer hint (the Exit hop) for the package window tracking. */
if (CIRCUIT_IS_ORIGIN(circ)) {
/* If we are the origin of the circuit, it is impossible to not have a
* cpath. Just in case, bug on it and close the circuit. */
if (BUG(layer_hint == NULL)) {
return -END_CIRC_REASON_TORPROTOCOL;
}
if ((layer_hint->package_window + CIRCWINDOW_INCREMENT) >
CIRCWINDOW_START_MAX) {
static struct ratelim_t exit_warn_ratelim = RATELIM_INIT(600);