[tbb-commits] [tor-browser/tor-browser-31.2.0esr-4.x-1] fixup! Bug 13028: Prevent potential proxy bypass cases.

mikeperry at torproject.org mikeperry at torproject.org
Fri Oct 24 00:47:56 UTC 2014


commit 6cb68a4ec0990509273a939c2034c20aa26ff69d
Author: Mike Perry <mikeperry-git at torproject.org>
Date:   Thu Oct 23 17:45:47 2014 -0700

    fixup! Bug 13028: Prevent potential proxy bypass cases.
    
    This fixes MSVC compilation.
---
 security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c |    8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
index 5bb6dd3..68ba2f4 100644
--- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
+++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_socket.c
@@ -1433,15 +1433,15 @@ pkix_pl_Socket_CreateByName(
         PKIX_ENTER(SOCKET, "pkix_pl_Socket_CreateByName");
         PKIX_NULLCHECK_TWO(serverName, pSocket);
 
+        localCopyName = PL_strdup(serverName);
+
         // XXX: Do we need a unittest ifdef here? We don't want to break the tests, but
         // we want to ensure nothing can ever hit this code in production.
 #if 1
         printf("Tor Browser BUG: Attempted pkix direct connect to %s\n", serverName);
-        return PR_FAILURE;
+        PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
 #endif
 
-        localCopyName = PL_strdup(serverName);
-
         sepPtr = strchr(localCopyName, ':');
         /* First strip off the portnum, if present, from the end of the name */
         if (sepPtr) {
@@ -1596,7 +1596,7 @@ pkix_pl_Socket_CreateByHostAndPort(
 #if 1
         printf("Tor Browser BUG: Attempted pkix direct connect to %s, port %u\n", hostname,
                 portnum);
-        return PR_FAILURE;
+        PKIX_ERROR(PKIX_PRNEWTCPSOCKETFAILED);
 #endif
 
         prstatus = PR_GetHostByName(hostname, buf, sizeof(buf), &hostent);



More information about the tbb-commits mailing list