[tor-commits] [tor/maint-0.3.4] rust/protover: return C-allocated string in protover_all_supported()

nickm at torproject.org nickm at torproject.org
Tue Oct 23 23:22:12 UTC 2018


commit 42558df7c8affeec33e66d987ccf4d632a9d5466
Author: cypherpunks <cypherpunks at torproject.org>
Date:   Fri Sep 21 05:16:22 2018 +0000

    rust/protover: return C-allocated string in protover_all_supported()
    
    The result of CString::into_raw() is not safe to free
    with free() except under finicky and fragile circumstances
    that we definitely don't meet right now.
    
    This was missed in be583a34a3815c2c10e86094ab0610e4b7f9c869.
---
 changes/bug27740         | 4 ++++
 src/rust/protover/ffi.rs | 7 +------
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/changes/bug27740 b/changes/bug27740
new file mode 100644
index 000000000..76a17b7dd
--- /dev/null
+++ b/changes/bug27740
@@ -0,0 +1,4 @@
+  o Minor bugfixes (rust):
+    - Return a string that can be safely freed by C code, not one created by
+      the rust allocator, in protover_all_supported(). Fixes bug 27740; bugfix
+      on 0.3.3.1-alpha.
diff --git a/src/rust/protover/ffi.rs b/src/rust/protover/ffi.rs
index ca9a504fe..8ab11842d 100644
--- a/src/rust/protover/ffi.rs
+++ b/src/rust/protover/ffi.rs
@@ -71,12 +71,7 @@ pub extern "C" fn protover_all_supported(
         if missing_out.is_null() {
             return 0;
         }
-        let c_unsupported: CString = match CString::new(unsupported.to_string()) {
-            Ok(n) => n,
-            Err(_) => return 1,
-        };
-
-        let ptr = c_unsupported.into_raw();
+        let ptr = allocate_and_copy_string(&unsupported.to_string());
         unsafe { *missing_out = ptr };
 
         return 0;





More information about the tor-commits mailing list