[tor-commits] [tor/master] Handle the case where tor-gencert gets a passphrase with no NL

[nickm at torproject.org]

commit a874d66ea9ddb8c64189f33bb2a9ef05ee74f3fe
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu Feb 11 13:21:47 2016 -0500

    Handle the case where tor-gencert gets a passphrase with no NL
    
    Closes ticket 17443.
---
 changes/bug17443        | 5 +++++
 src/tools/tor-gencert.c | 9 ++++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/changes/bug17443 b/changes/bug17443
new file mode 100644
index 0000000..e4c040b
--- /dev/null
+++ b/changes/bug17443
@@ -0,0 +1,5 @@
+  o Minor bugfixes (tor-gencert):
+    - Correctly handle the case where an authority operator enters a
+      passphrase but sends an EOF before sending a newline.
+      Fixes bug 17443; bugfix on 0.2.0.20-rc. Found by "junglefowl".
+
diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c
index e833aa9..4e5e1dc 100644
--- a/src/tools/tor-gencert.c
+++ b/src/tools/tor-gencert.c
@@ -96,14 +96,21 @@ load_passphrase(void)
 {
   char *cp;
   char buf[1024]; /* "Ought to be enough for anybody." */
+  memset(buf, 0, sizeof(buf)); /* should be needless */
   ssize_t n = read_all(passphrase_fd, buf, sizeof(buf), 0);
   if (n < 0) {
     log_err(LD_GENERAL, "Couldn't read from passphrase fd: %s",
             strerror(errno));
     return -1;
   }
+  /* We'll take everything from the buffer except for optional terminating
+   * newline. */
   cp = memchr(buf, '\n', n);
-  passphrase_len = cp-buf;
+  if (cp == NULL) {
+    passphrase_len = n;
+  } else {
+    passphrase_len = cp-buf;
+  }
   passphrase = tor_strndup(buf, passphrase_len);
   memwipe(buf, 0, sizeof(buf));
   return 0;