[tor-commits] [tor/release-0.4.3] relay/dirauth: Set some output arguments in stubs

nickm at torproject.org nickm at torproject.org
Fri Mar 20 11:57:27 UTC 2020


commit d4a74021e5ab9dbaf3bb27c0a52e1fd7f8f792ab
Author: teor <teor at torproject.org>
Date:   Fri Mar 20 17:01:06 2020 +1000

    relay/dirauth: Set some output arguments in stubs
    
    And document how some functions set their output arguments.
    
    Fixes bug 33674; bugfix on 0.4.3.1-alpha.
---
 changes/bug33674                     |  4 ++++
 src/feature/dirauth/dirauth_config.h | 10 ++++++++--
 src/feature/dirauth/dirvote.c        | 24 ++++++++++++++++++++----
 src/feature/dirauth/dirvote.h        |  2 +-
 src/feature/dirauth/process_descs.c  |  8 +++++---
 src/feature/dirauth/process_descs.h  | 11 ++++++-----
 src/feature/relay/relay_config.c     |  7 ++++---
 7 files changed, 48 insertions(+), 18 deletions(-)

diff --git a/changes/bug33674 b/changes/bug33674
new file mode 100644
index 000000000..bcc3fcab0
--- /dev/null
+++ b/changes/bug33674
@@ -0,0 +1,4 @@
+  o Minor bugfixes (--disable-module-relay,--disable-module-dirauth):
+    - Set some output arguments in the relay and dirauth module stubs, to
+      guard against future stub argument handling bugs like 33668.
+      Fixes bug 33674; bugfix on 0.4.3.1-alpha.
diff --git a/src/feature/dirauth/dirauth_config.h b/src/feature/dirauth/dirauth_config.h
index ede1207a8..9042ff877 100644
--- a/src/feature/dirauth/dirauth_config.h
+++ b/src/feature/dirauth/dirauth_config.h
@@ -75,8 +75,14 @@ options_validate_dirauth_mode(const struct or_options_t *old_options,
 #define options_act_dirauth_mtbf(old_options) \
   (((void)(old_options)),0)
 
-#define options_act_dirauth_stats(old_options, print_notice_out) \
-  (((void)(old_options)),((void)(print_notice_out)),0)
+static inline int
+options_act_dirauth_stats(const struct or_options_t *old_options,
+                          bool *print_notice_out)
+{
+  (void)old_options;
+  *print_notice_out = 0;
+  return 0;
+}
 
 #define dirauth_should_reject_requests_under_load() (false)
 
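Review bot: The new inline `options_act_dirauth_stats` stub writes `*print_notice_out = 0;` without checking the pointer, whereas the macro it replaces only void-cast the argument, so a NULL argument that was harmless before would now be dereferenced in a build with the dirauth module disabled. The same unguarded write appears in the `dirvote_add_signatures` stub in dirvote.h and in the `dirserv_add_multiple_descriptors`, `dirserv_add_descriptor` and `authdir_wants_to_reject_router` stubs in process_descs.h, while the `dirserv_router_get_status` stub does guard with `if (msg)`. Whether any caller passes NULL is not visible here, so either guard consistently, `if (print_notice_out) *print_notice_out = false;`, or state in a comment that the argument must be non-NULL. Since the parameter is `bool *`, `false` reads better than `0`.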
diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c
index 9490867e8..e230815ca 100644
--- a/src/feature/dirauth/dirvote.c
+++ b/src/feature/dirauth/dirvote.c
@@ -2527,9 +2527,12 @@ compute_consensus_package_lines(smartlist_t *votes)
  * any new signatures in <b>src_voter_list</b> that should be added to
  * <b>target</b>. (A signature should be added if we have no signature for that
  * voter in <b>target</b> yet, or if we have no verifiable signature and the
- * new signature is verifiable.)  Return the number of signatures added or
- * changed, or -1 if the document signed by <b>sigs</b> isn't the same
- * document as <b>target</b>. */
+ * new signature is verifiable.)
+ *
+ * Return the number of signatures added or changed, or -1 if the document
+ * signatures are invalid. Sets *<b>msg_out</b> to a string constant
+ * describing the signature status.
+ */
 STATIC int
 networkstatus_add_detached_signatures(networkstatus_t *target,
                                       ns_detached_signatures_t *sigs,
@@ -3564,6 +3567,14 @@ dirvote_add_signatures_to_pending_consensus(
   return r;
 }
 
+/** Helper: we just got the <b>detached_signatures_body</b> sent to us as
+ * signatures on the currently pending consensus.  Add them to the pending
+ * consensus (if we have one).
+ *
+ * Set *<b>msg</b> to a string constant describing the status, regardless of
+ * success or failure.
+ *
+ * Return negative on failure, nonnegative on success. */
 static int
 dirvote_add_signatures_to_all_pending_consensuses(
                        const char *detached_signatures_body,
@@ -3626,7 +3637,12 @@ dirvote_add_signatures_to_all_pending_consensuses(
 /** Helper: we just got the <b>detached_signatures_body</b> sent to us as
  * signatures on the currently pending consensus.  Add them to the pending
  * consensus (if we have one); otherwise queue them until we have a
- * consensus.  Return negative on failure, nonnegative on success. */
+ * consensus.
+ *
+ * Set *<b>msg</b> to a string constant describing the status, regardless of
+ * success or failure.
+ *
+ * Return negative on failure, nonnegative on success. */
 int
 dirvote_add_signatures(const char *detached_signatures_body,
                        const char *source,
diff --git a/src/feature/dirauth/dirvote.h b/src/feature/dirauth/dirvote.h
index f695e93ab..675f4ee14 100644
--- a/src/feature/dirauth/dirvote.h
+++ b/src/feature/dirauth/dirvote.h
@@ -162,7 +162,7 @@ dirvote_add_signatures(const char *detached_signatures_body,
 {
   (void) detached_signatures_body;
   (void) source;
-  (void) msg_out;
+  *msg_out = "No directory authority support";
   /* If the dirauth module is disabled, this should NEVER be called else we
    * failed to safeguard the dirauth module. */
   tor_assert_nonfatal_unreached();
diff --git a/src/feature/dirauth/process_descs.c b/src/feature/dirauth/process_descs.c
index 5c918ca0b..5025d0ae3 100644
--- a/src/feature/dirauth/process_descs.c
+++ b/src/feature/dirauth/process_descs.c
@@ -285,7 +285,7 @@ dirserv_load_fingerprint_file(void)
  * Return the appropriate router status.
  *
  * If the status is 'RTR_REJECT' and <b>msg</b> is provided, set
- * *<b>msg</b> to an explanation of why. */
+ * *<b>msg</b> to a string constant explaining why. */
 uint32_t
 dirserv_router_get_status(const routerinfo_t *router, const char **msg,
                           int severity)
@@ -563,7 +563,8 @@ dirserv_router_has_valid_address(routerinfo_t *ri)
 /** Check whether we, as a directory server, want to accept <b>ri</b>.  If so,
  * set its is_valid,running fields and return 0.  Otherwise, return -1.
  *
- * If the router is rejected, set *<b>msg</b> to an explanation of why.
+ * If the router is rejected, set *<b>msg</b> to a string constant explining
+ * why.
  *
  * If <b>complain</b> then explain at log-level 'notice' why we refused
  * a descriptor; else explain at log-level 'info'.
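Review bot: The added comment line misspells "explaining" as "explining"; it should read `* If the router is rejected, set *<b>msg</b> to a string constant explaining`. Since the point of the rewording is that the message is a constant, it would also help to say that the caller must not free it. The function this comment documents begins outside the hunk.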
@@ -729,7 +730,8 @@ dirserv_add_multiple_descriptors(const char *desc, size_t desclen,
  * That means the caller must not access <b>ri</b> after this function
  * returns, since it might have been freed.
  *
- * Return the status of the operation.
+ * Return the status of the operation, and set *<b>msg</b> to a string
+ * constant describing the status.
  *
  * This function is only called when fresh descriptors are posted, not when
  * we re-load the cache.
diff --git a/src/feature/dirauth/process_descs.h b/src/feature/dirauth/process_descs.h
index 9c1369277..1461ab697 100644
--- a/src/feature/dirauth/process_descs.h
+++ b/src/feature/dirauth/process_descs.h
@@ -98,7 +98,7 @@ dirserv_add_multiple_descriptors(const char *desc, size_t desclen,
   (void)desclen;
   (void)purpose;
   (void)source;
-  (void)msg;
+  *msg = "No directory authority support";
   return (enum was_router_added_t)0;
 }
 static inline enum was_router_added_t
@@ -107,8 +107,8 @@ dirserv_add_descriptor(routerinfo_t *ri,
                        const char *source)
 {
   (void)ri;
-  (void)msg;
   (void)source;
+  *msg = "No directory authority support";
   return (enum was_router_added_t)0;
 }
 static inline int
@@ -125,9 +125,9 @@ authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg,
                                int *valid_out)
 {
   (void)ri;
-  (void)msg;
   (void)complain;
-  (void)valid_out;
+  *msg = "No directory authority support";
+  *valid_out = 0;
   return 0;
 }
 static inline int
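Review bot: The `authdir_wants_to_reject_router` stub now sets `*msg` to "No directory authority support" and `*valid_out = 0` yet still returns 0, so the return value and the outputs tell the caller different things. A caller that looks at the message or at `valid_out` rather than the return code may treat the router differently from one that checks only the result; which convention callers follow is not visible in this hunk. I would add a comment above the stub such as `/* Module disabled: returns 0, marks the router not valid, and sets *msg to a string constant. */` so the intended contract is explicit. The stub's signature starts above the hunk.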
@@ -143,8 +143,9 @@ dirserv_router_get_status(const routerinfo_t *router,
                           int severity)
 {
   (void)router;
-  (void)msg;
   (void)severity;
+  if (msg)
+    *msg = "No directory authority support";
   return 0;
 }
 static inline void
diff --git a/src/feature/relay/relay_config.c b/src/feature/relay/relay_config.c
index c8b40ae05..3e9961f47 100644
--- a/src/feature/relay/relay_config.c
+++ b/src/feature/relay/relay_config.c
@@ -231,8 +231,8 @@ check_server_ports(const smartlist_t *ports,
 }
 
 /** Parse all relay ports from <b>options</b>. On success, add parsed ports to
- * <b>ports</b>, and return 0.  On failure, set *<b>msg</b> to a description
- * of the problem and return -1.
+ * <b>ports</b>, and return 0.  On failure, set *<b>msg</b> to a newly
+ * allocated string describing the problem, and return -1.
  **/
 int
 port_parse_ports_relay(or_options_t *options,
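Review bot: The reworded comment says `*msg` is "a newly allocated string" but does not say who releases it, while the other comments touched by this commit describe their `msg` outputs as string constants. With both conventions behind the same parameter name, a caller can easily leak this one or free one of the constants. I would spell the ownership out, for example `On failure, set *<b>msg</b> to a newly allocated string describing the problem (the caller must free it), and return -1.` The function body is outside the hunk, so the allocation itself cannot be checked here.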
@@ -334,7 +334,8 @@ port_update_port_set_relay(or_options_t *options,
  * Legacy validation function, which checks that the current OS is usable in
  * relay mode, if options is set to a relay mode.
  *
- * Warns about OSes with potential issues. Always returns 0.
+ * Warns about OSes with potential issues. Does not set *<b>msg</b>.
+ * Always returns 0.
  */
 int
 options_validate_relay_os(const or_options_t *old_options,




