[tor-commits] [tor/master] Make internal error check for unrecognized digest algorithm more robust

[nickm at torproject.org]

commit 246afc1b1ba8c81557307bfffa5291c91cc2c782
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu Oct 6 13:02:50 2011 -0400

    Make internal error check for unrecognized digest algorithm more robust
    
    Fixes Coverity CID 479.
---
 changes/cov479      |    5 +++++
 src/common/crypto.c |    4 ++++
 2 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/changes/cov479 b/changes/cov479
new file mode 100644
index 0000000..afbaffc
--- /dev/null
+++ b/changes/cov479
@@ -0,0 +1,5 @@
+  o Minor bugfixes:
+    - Fix internal bug-checking logic that was supposed to catch
+      failures in digest generation so that it will fail more robustly
+      if we ask for a nonexistent algorithm. Found by Coverity Scan.
+      Bugfix on 0.2.2.1-alpha; fixes Coverity CID 479.
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 851f11b..235bd88 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1663,6 +1663,10 @@ crypto_digest_get_digest(crypto_digest_env_t *digest,
       SHA256_Final(r, &tmpenv.d.sha2);
       break;
     default:
+      log_warn(LD_BUG, "Called with unknown algorithm %d", digest->algorithm);
+      /* If fragile_assert is not enabled, then we should at least not
+       * leak anything. */
+      memset(r, 0xff, sizeof(r));
       tor_fragile_assert();
       break;
   }