[tor-commits] [tor/master] Fix warnings about passing uninitialized buffers into functions

nickm at torproject.org nickm at torproject.org
Fri Sep 15 20:43:37 UTC 2017


commit 4ff170d7b1cbe4074cb85271b82a8963eccc8286
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue Sep 12 21:09:18 2017 -0400

    Fix warnings about passing uninitialized buffers into functions
    
    Most of these buffers were never actually inspected, but it's still
    bad style.
---
 src/common/buffers.c          |  2 ++
 src/common/compat.c           |  1 +
 src/or/config.c               |  2 ++
 src/or/dirvote.c              | 17 +++++++++--------
 src/or/parsecommon.c          |  1 +
 src/test/bench.c              |  1 +
 src/test/test_crypto.c        |  2 ++
 src/test/test_dir.c           |  2 +-
 src/test/test_hs_intropoint.c |  4 +++-
 src/test/test_shared_random.c |  2 ++
 src/tools/tor-gencert.c       | 12 ++++++++----
 11 files changed, 32 insertions(+), 14 deletions(-)

diff --git a/src/common/buffers.c b/src/common/buffers.c
index 50673646d..9583c7036 100644
--- a/src/common/buffers.c
+++ b/src/common/buffers.c
@@ -907,6 +907,8 @@ buf_peek_startswith(const buf_t *buf, const char *cmd)
 {
   char tmp[PEEK_BUF_STARTSWITH_MAX];
   size_t clen = strlen(cmd);
+  if (clen == 0)
+    return 1;
   if (BUG(clen > sizeof(tmp)))
     return 0;
   if (buf->datalen < clen)
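Review bot: The new `if (clen == 0) return 1;` early return has no comment, and the hunk does not state what `buf_peek_startswith()` promises for an empty `cmd`. A comment such as `/* Every buffer starts with the empty string; return before tmp is used. */` would record that the check keeps the uninitialized `tmp` from reaching a later call with length zero. It is also worth confirming that no caller treats a true result as proof that a protocol prefix is present when `cmd` could be empty; the callers are not visible here. The function body continues past the end of the hunk.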
diff --git a/src/common/compat.c b/src/common/compat.c
index 68938ae91..ab117f7c7 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -2580,6 +2580,7 @@ tor_inet_pton(int af, const char *src, void *dst)
     int gapPos = -1, i, setWords=0;
     const char *dot = strchr(src, '.');
     const char *eow; /* end of words. */
+    memset(words, 0xf8, sizeof(words));
     if (dot == src)
       return 0;
     else if (!dot)
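Review bot: The added `memset(words, 0xf8, sizeof(words));` carries no comment saying that 0xf8 is a poison fill rather than a meaningful default. Because the fill makes every element look initialized to MSan and Valgrind, a parsing path that reads a word it never assigned would no longer be reported and would instead yield an address built from 0xf8 bytes. I would add `/* Poison fill to silence the uninitialized-buffer warning; every word must still be assigned before it is read. */` above the call. The function starts and ends outside the hunk, so whether every word is assigned on all paths cannot be confirmed from here.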
diff --git a/src/or/config.c b/src/or/config.c
index a5bda8be0..76461d75b 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -6072,6 +6072,8 @@ parse_dir_authority_line(const char *line, dirinfo_type_t required_type,
   dirinfo_type_t type = 0;
   double weight = 1.0;
 
+  memset(v3_digest, 0, sizeof(v3_digest));
+
   items = smartlist_new();
   smartlist_split_string(items, line, NULL,
                          SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, -1);
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 5dd217952..ba0ab7a77 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -3993,14 +3993,15 @@ dirvote_format_all_microdesc_vote_lines(const routerinfo_t *ri, time_t now,
   while ((ep = entries)) {
     char buf[128];
     vote_microdesc_hash_t *h;
-    dirvote_format_microdesc_vote_line(buf, sizeof(buf), ep->md,
-                                       ep->low, ep->high);
-    h = tor_malloc_zero(sizeof(vote_microdesc_hash_t));
-    h->microdesc_hash_line = tor_strdup(buf);
-    h->next = result;
-    result = h;
-    ep->md->last_listed = now;
-    smartlist_add(microdescriptors_out, ep->md);
+    if (dirvote_format_microdesc_vote_line(buf, sizeof(buf), ep->md,
+                                           ep->low, ep->high) >= 0) {
+      h = tor_malloc_zero(sizeof(vote_microdesc_hash_t));
+      h->microdesc_hash_line = tor_strdup(buf);
+      h->next = result;
+      result = h;
+      ep->md->last_listed = now;
+      smartlist_add(microdescriptors_out, ep->md);
+    }
     entries = ep->next;
     tor_free(ep);
   }
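Review bot: When `dirvote_format_microdesc_vote_line()` fails, the new `if` drops the entry without logging, and `ep->md` is neither added to `microdescriptors_out` nor released before `tor_free(ep)`. If this loop owns `ep->md` (ownership is not visible in the hunk), that is a leak on the failure path. Separately, an authority that silently omits a microdescriptor line from its vote is hard to diagnose. I would add an `else` branch that logs, for example `log_warn(LD_BUG, "Could not format microdesc vote line; omitting it.");`, and frees the microdescriptor there if it is owned here. The function starts and ends outside the hunk.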
diff --git a/src/or/parsecommon.c b/src/or/parsecommon.c
index 6b5359303..6c3dd3100 100644
--- a/src/or/parsecommon.c
+++ b/src/or/parsecommon.c
@@ -161,6 +161,7 @@ get_token_arguments(memarea_t *area, directory_token_t *tok,
   char *cp = mem;
   int j = 0;
   char *args[MAX_ARGS];
+  memset(args, 0, sizeof(args));
   while (*cp) {
     if (j == MAX_ARGS)
       return -1;
diff --git a/src/test/bench.c b/src/test/bench.c
index a44dc94a6..9d589332a 100644
--- a/src/test/bench.c
+++ b/src/test/bench.c
@@ -200,6 +200,7 @@ bench_onion_ntor_impl(void)
   curve25519_public_key_generate(&keypair2.pubkey, &keypair2.seckey);
   dimap_add_entry(&keymap, keypair1.pubkey.public_key, &keypair1);
   dimap_add_entry(&keymap, keypair2.pubkey.public_key, &keypair2);
+  crypto_rand((char *)nodeid, sizeof(nodeid));
 
   reset_perftime();
   start = perftime();
diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c
index c540aaed6..5d079e9f3 100644
--- a/src/test/test_crypto.c
+++ b/src/test/test_crypto.c
@@ -2595,6 +2595,8 @@ test_crypto_ed25519_testvectors(void *arg)
     ed25519_signature_t sig;
     int sign;
 
+    memset(&curvekp, 0xd0, sizeof(curvekp));
+
 #define DECODE(p,s) base16_decode((char*)(p),sizeof(p),(s),strlen(s))
 #define EQ(a,h) test_memeq_hex((const char*)(a), (h))
 
diff --git a/src/test/test_dir.c b/src/test/test_dir.c
index 896e16ce0..3d1fb00db 100644
--- a/src/test/test_dir.c
+++ b/src/test/test_dir.c
@@ -3370,7 +3370,7 @@ mock_get_options(void)
 static void
 reset_routerstatus(routerstatus_t *rs,
                    const char *hex_identity_digest,
-                   int32_t ipv4_addr)
+                   uint32_t ipv4_addr)
 {
   memset(rs, 0, sizeof(routerstatus_t));
   base16_decode(rs->identity_digest, sizeof(rs->identity_digest),
diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c
index 2cce8a370..1e570630c 100644
--- a/src/test/test_hs_intropoint.c
+++ b/src/test/test_hs_intropoint.c
@@ -783,7 +783,7 @@ static void
 test_received_introduce1_handling(void *arg)
 {
   int ret;
-  uint8_t *request = NULL, buf[128];
+  uint8_t *request = NULL, buf[128];;
   trn_cell_introduce1_t *cell = NULL;
   or_circuit_t *circ = NULL;
 
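Review bot: The only change on the declaration line is a doubled semicolon, `buf[128];;`, which looks like a typo. The extra `;` is an empty statement, so the declarations of `cell` and `circ` that follow now come after a statement and may trip `-Wdeclaration-after-statement` on builds that enable it. The line should stay `uint8_t *request = NULL, buf[128];`. The function body continues in the later hunks.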
@@ -796,6 +796,7 @@ test_received_introduce1_handling(void *arg)
   /* Too small request length. An INTRODUCE1 expect at the very least a
    * DIGEST_LEN size. */
   {
+    memset(buf, 0, sizeof(buf));
     circ = helper_create_intro_circuit();
     ret = hs_intro_received_introduce1(circ, buf, DIGEST_LEN - 1);
     tt_int_op(ret, OP_EQ, -1);
@@ -809,6 +810,7 @@ test_received_introduce1_handling(void *arg)
   {
     circ = helper_create_intro_circuit();
     uint8_t test[2]; /* Too small request. */
+    memset(test, 0, sizeof(test));
     ret = handle_introduce1(circ, test, sizeof(test));
     tor_free(circ->p_chan);
     circuit_free(TO_CIRCUIT(circ));
diff --git a/src/test/test_shared_random.c b/src/test/test_shared_random.c
index 4c303cbb3..a9d58e6b8 100644
--- a/src/test/test_shared_random.c
+++ b/src/test/test_shared_random.c
@@ -1231,6 +1231,8 @@ test_keep_commit(void *arg)
     state = get_sr_state();
   }
 
+  crypto_rand((char*)fp, sizeof(fp));
+
   /* Test this very important function that tells us if we should keep a
    * commit or not in our state. Most of it depends on the phase and what's
    * in the commit so we'll change the commit as we go. */
diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c
index 395535697..600e2252d 100644
--- a/src/tools/tor-gencert.c
+++ b/src/tools/tor-gencert.c
@@ -430,7 +430,7 @@ key_to_string(EVP_PKEY *key)
 static int
 get_fingerprint(EVP_PKEY *pkey, char *out)
 {
-  int r = 1;
+  int r = -1;
   crypto_pk_t *pk = crypto_new_pk_from_rsa_(EVP_PKEY_get1_RSA(pkey));
   if (pk) {
     r = crypto_pk_get_fingerprint(pk, out, 0);
@@ -443,7 +443,7 @@ get_fingerprint(EVP_PKEY *pkey, char *out)
 static int
 get_digest(EVP_PKEY *pkey, char *out)
 {
-  int r = 1;
+  int r = -1;
   crypto_pk_t *pk = crypto_new_pk_from_rsa_(EVP_PKEY_get1_RSA(pkey));
   if (pk) {
     r = crypto_pk_get_digest(pk, out);
@@ -472,8 +472,12 @@ generate_certificate(void)
   char signature[1024]; /* handles up to 8192-bit keys. */
   int r;
 
-  get_fingerprint(identity_key, fingerprint);
-  get_digest(identity_key, id_digest);
+  if (get_fingerprint(identity_key, fingerprint) < 0) {
+    return -1;
+  }
+  if (get_digest(identity_key, id_digest)) {
+    return -1;
+  }
 
   tor_localtime_r(&now, &tm);
   tm.tm_mon += months_lifetime;
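Review bot: The two new checks in `generate_certificate()` test different conditions: `get_fingerprint(...) < 0`, but `get_digest(identity_key, id_digest)` with no comparison. Both helpers now start from `r = -1`, so `if (get_digest(identity_key, id_digest) < 0) {` would keep the pair consistent. Both early returns also leave without a message, so unless the caller reports the failure (not visible here) the operator cannot tell which step failed. A line such as `log_err(LD_GENERAL, "Couldn't compute identity key fingerprint.");` before each `return -1;` would cover that. The function continues outside the hunk.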




