[or-cvs] r13558: Clarify logic in trusted_dirs_load_certs_from_string(); avoi (in tor/trunk: . src/or)
nickm at seul.org
nickm at seul.org
Mon Feb 18 18:14:35 UTC 2008
Author: nickm
Date: 2008-02-18 13:14:34 -0500 (Mon, 18 Feb 2008)
New Revision: 13558
Modified:
tor/trunk/
tor/trunk/src/or/routerlist.c
Log:
r18139 at catbus: nickm | 2008-02-18 13:14:05 -0500
Clarify logic in trusted_dirs_load_certs_from_string(); avoid a maybe-impossible maybe-not double-free spotted by lodger.
Property changes on: tor/trunk
___________________________________________________________________
svk:merge ticket from /tor/trunk [r18139] on 8246c3cf-6607-4228-993b-4d95d33730f1
Modified: tor/trunk/src/or/routerlist.c
===================================================================
--- tor/trunk/src/or/routerlist.c 2008-02-18 18:14:32 UTC (rev 13557)
+++ tor/trunk/src/or/routerlist.c 2008-02-18 18:14:34 UTC (rev 13558)
@@ -132,6 +132,23 @@
return r;
}
+/** Helper: return true iff we already have loaded the exact cert
+ * <b>cert</b>. */
+static INLINE int
+already_have_cert(authority_cert_t *cert)
+{
+ cert_list_t *cl = get_cert_list(cert->cache_info.identity_digest);
+
+ SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
+ {
+ if (!memcmp(c->cache_info.signed_descriptor_digest,
+ cert->cache_info.signed_descriptor_digest,
+ DIGEST_LEN))
+ return 1;
+ });
+ return 0;
+}
+
/** Load a bunch of new key certificates from the string <b>contents</b>. If
* <b>from_store</b> is true, the certificates are from the cache, and we
* don't need to flush them to disk. If <b>from_store</b> is false, we need
@@ -141,12 +158,11 @@
trusted_dirs_load_certs_from_string(const char *contents, int from_store)
{
trusted_dir_server_t *ds;
- cert_list_t *cl;
const char *s, *eos;
for (s = contents; *s; s = eos) {
authority_cert_t *cert = authority_cert_parse_from_string(s, &eos);
- int found = 0;
+ cert_list_t *cl;
if (!cert)
break;
ds = trusteddirserver_get_by_v3_auth_digest(
@@ -154,25 +170,15 @@
log_debug(LD_DIR, "Parsed certificate for %s",
ds ? ds->nickname : "unknown authority");
- cl = get_cert_list(cert->cache_info.identity_digest);
-
- SMARTLIST_FOREACH(cl->certs, authority_cert_t *, c,
- {
- if (!memcmp(c->cache_info.signed_descriptor_digest,
- cert->cache_info.signed_descriptor_digest,
- DIGEST_LEN)) {
- /* we already have this one. continue. */
- log_info(LD_DIR, "Skipping %s certificate for %s that we "
- "already have.",
- from_store ? "cached" : "downloaded",
- ds ? ds->nickname : "??");
- authority_cert_free(cert);
- found = 1;
- }
- });
-
- if (found)
+ if (already_have_cert(cert)) {
+ /* we already have this one. continue. */
+ log_info(LD_DIR, "Skipping %s certificate for %s that we "
+ "already have.",
+ from_store ? "cached" : "downloaded",
+ ds ? ds->nickname : "??");
+ authority_cert_free(cert);
continue;
+ }
if (ds) {
log_info(LD_DIR, "Adding %s certificate for directory authority %s with "
@@ -185,6 +191,7 @@
hex_str(cert->signing_key_digest,DIGEST_LEN));
}
+ cl = get_cert_list(cert->cache_info.identity_digest);
smartlist_add(cl->certs, cert);
if (ds && cert->cache_info.published_on > ds->addr_current_at) {
/* Check to see whether we should update our view of the authority's
More information about the tor-commits
mailing list