[tor-commits] [tor/master] address/resolve: try harder to avoid returning uninitialised data

nickm at torproject.org nickm at torproject.org
Wed Jun 26 13:57:38 UTC 2019


commit 308d3002130cfb5b9ad2100dab25b0c4c83162f6
Author: teor <teor at torproject.org>
Date:   Thu Jun 13 21:14:36 2019 +1000

    address/resolve: try harder to avoid returning uninitialised data
    
    Cleanup after 30721.
---
 src/lib/net/address.c | 10 ++++++++--
 src/lib/net/resolve.c | 11 ++++++++++-
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/src/lib/net/address.c b/src/lib/net/address.c
index 4989e4ab2..75322ad88 100644
--- a/src/lib/net/address.c
+++ b/src/lib/net/address.c
@@ -1760,6 +1760,13 @@ tor_addr_port_parse(int severity, const char *addrport,
   retval = 0;
 
  done:
+  /* Clear the address and port on error, to avoid returning uninitialised or
+   * partly parsed data.
+   */
+  if (retval == -1) {
+    memset(address_out, 0, sizeof(tor_addr_t));
+    *port_out = 0;
+  }
   tor_free(addr_tmp);
   return retval;
 }
@@ -1828,8 +1835,7 @@ tor_addr_port_split(int severity, const char *addrport,
     tor_free(address_);
   }
 
-  if (port_out)
-    *port_out = ok ? ((uint16_t) port_) : 0;
+  *port_out = ok ? ((uint16_t) port_) : 0;
 
   return ok ? 0 : -1;
 }
diff --git a/src/lib/net/resolve.c b/src/lib/net/resolve.c
index a70fb0a82..955572088 100644
--- a/src/lib/net/resolve.c
+++ b/src/lib/net/resolve.c
@@ -47,6 +47,11 @@ tor_lookup_hostname,(const char *name, uint32_t *addr))
   tor_addr_t myaddr;
   int ret;
 
+  if (BUG(!addr))
+    return -1;
+
+  *addr = 0;
+
   if ((ret = tor_addr_lookup(name, AF_INET, &myaddr)))
     return ret;
 
@@ -250,7 +255,7 @@ int
 tor_addr_port_lookup(const char *s, tor_addr_t *addr_out, uint16_t *port_out)
 {
   tor_addr_t addr;
-  uint16_t portval;
+  uint16_t portval = 0;
   char *tmp = NULL;
   int rv = 0;
 
@@ -273,6 +278,10 @@ tor_addr_port_lookup(const char *s, tor_addr_t *addr_out, uint16_t *port_out)
 
   return 0;
  err:
+  /* Clear the address and port on error */
+  memset(addr_out, 0, sizeof(tor_addr_t));
+  if (port_out)
+    *port_out = 0;
   tor_free(tmp);
   return -1;
 }





More information about the tor-commits mailing list