[tor-commits] [tor/master] Reserve enough space for rend_service_port_config_t

[arma at torproject.org]

commit 37d16c3cc78151daf2cbebd643ea4d64b504989e
Author: Sebastian Hahn <sebastian at torproject.org>
Date:   Mon Feb 9 04:48:16 2015 +0100

    Reserve enough space for rend_service_port_config_t
    
    In #14803, Damian noticed that his Tor sometimes segfaults. Roger noted
    that his valgrind gave an invalid write of size one here. Whenever we
    use FLEXIBLE_ARRAY_MEMBER, we have to make sure to actually malloc a
    thing that's large enough.
    
    Fixes bug #14803, not in any released version of Tor.
---
 src/or/rendservice.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 6ae569c..6c934c8 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -314,7 +314,7 @@ static rend_service_port_config_t *
 rend_service_port_config_new(const char *socket_path)
 {
   if (!socket_path)
-    return tor_malloc_zero(sizeof(rend_service_port_config_t));
+    return tor_malloc_zero(sizeof(rend_service_port_config_t) + 1);
 
   const size_t pathlen = strlen(socket_path) + 1;
   rend_service_port_config_t *conf =