[tor-commits] [tor/release-0.3.1] Remove the length limit from write_http_status_line
nickm at torproject.org
nickm at torproject.org
Mon Oct 23 13:23:05 UTC 2017
commit af33fdd7c1860399fe8d6861c163e5d64b0292b9
Author: Nick Mathewson <nickm at torproject.org>
Date: Mon Oct 23 09:21:22 2017 -0400
Remove the length limit from write_http_status_line
Fixes bug 23908; bugfix on 0.3.1.6-rc when we made the keypin
failure message really long.
Backport from 0.3.2's 771fb7e7baa789c55ba15c4c26c8a4889ff9fe8d,
where arma said "get rid of the scary 256-byte-buf landmine".
---
changes/bug23908 | 3 +++
src/or/directory.c | 10 ++++------
2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/changes/bug23908 b/changes/bug23908
new file mode 100644
index 000000000..f641b66bb
--- /dev/null
+++ b/changes/bug23908
@@ -0,0 +1,3 @@
+ o Minor bugfixes (directory authority, backport from 0.3.2.1-alpha):
+ - Remove the length limit on HTTP status lines that authorities can send
+ in their replies. Fixes bug 23499; bugfix on 0.3.1.6-rc.
diff --git a/src/or/directory.c b/src/or/directory.c
index 45fbd1dd3..bef65d349 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -3282,14 +3282,12 @@ static void
write_http_status_line(dir_connection_t *conn, int status,
const char *reason_phrase)
{
- char buf[256];
- if (tor_snprintf(buf, sizeof(buf), "HTTP/1.0 %d %s\r\n\r\n",
- status, reason_phrase ? reason_phrase : "OK") < 0) {
- log_warn(LD_BUG,"status line too long.");
- return;
- }
+ char *buf = NULL;
+ tor_asprintf(&buf, "HTTP/1.0 %d %s\r\n\r\n",
+ status, reason_phrase ? reason_phrase : "OK");
log_debug(LD_DIRSERV,"Wrote status 'HTTP/1.0 %d %s'", status, reason_phrase);
connection_write_to_buf(buf, strlen(buf), TO_CONN(conn));
+ tor_free(buf);
}
/** Write the header for an HTTP/1.0 response onto <b>conn</b>-\>outbuf,
More information about the tor-commits
mailing list