Missing stream NULL check in tor_compress_impl

The second time we create a stream in tor_compress_impl, we don't check if it's NULL.

changed milestone to %Tor: 0.3.1.x-final

added component::core tor/tor memory-safety milestone::Tor: 0.3.1.x-final owner::ahf parent::22502 points::1 priority::medium resolution::fixed severity::normal status::closed type::defect version::tor 0.3.1.1-alpha labels

Given the number of times we don't check the output of tor_compress_new(), we should probably hard assert if it would return NULL, or check in all those places, or something?

Trac:
Parent: N/A to #22502 (moved)
Points: 0.1 to 1

Probably asserting makes more sense?

Trac:
Owner: N/A to ahf
Status: new to assigned

I wonder if it would be best to tor_assert() on UNKNOWN_METHOD, or BUG(), and then return a non-NULL state. An edge case where we don't check state correctly before calling could easily turn into a DoS bug.

    case UNKNOWN_METHOD:
      goto err;
  }

  atomic_counter_add(&total_compress_allocation,
                     sizeof(tor_compress_state_t));
  return state;

 err:
  tor_free(state);
  return NULL;

Also, there is a fix for this in the branch in #22502 (moved), but it's not the tor_assert() fix.

merged as part of #22502 (moved)

Trac:
Status: assigned to closed
Resolution: N/A to fixed

closed

changed time estimate to 8h

moved to tpo/core/tor#22626 (closed)