Opened 4 weeks ago

Closed 4 weeks ago

#27782 closed defect (fixed)

nss: tor_tls_release_socket() won't catch invalid socket value

Reported by: dgoulet Owned by:
Priority: Medium Milestone: Tor: 0.3.5.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-nss
Cc: nickm Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

From commit ae5692994fc31cc5fa25fb5681e59e326e6c5dbe:

+  tor_socket_t sock =
+    tor_open_socket_nonblocking(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+  if (!sock) {
+    log_warn(LD_NET, "Out of sockets when trying to shut down an NSS "
+             "connection");
+    return;
+  }

A socket value of 0 is a _valid_ socket but not only that, if socket() did ran out of fd, -1 will be returned (or other errors would send back TOR_INVALID_SOCKET = -1).

So we probably want if (sock < 0) {}

Child Tickets

Change History (2)

comment:1 Changed 4 weeks ago by nickm

Status: newneeds_review

Fix in branch bug27795_27782; pull request at https://github.com/torproject/tor/pull/364 . It also has a fix for #27795.

comment:2 Changed 4 weeks ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Merged to master.

Note: See TracTickets for help on using tickets.