Opened 19 months ago

Closed 19 months ago

Last modified 15 months ago

#30467 closed defect (fixed)

sendme: Fix coverity CID 1445000

Reported by: dgoulet Owned by: dgoulet
Priority: High Milestone: Tor: 0.4.1.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: sendme, tor-relay, 041-must, coverity
Cc: Actual Points:
Parent ID: #26288 Points: 0.1
Reviewer: ahf Sponsor: SponsorV


Doesn't seems very good but at least not released ;).

*** CID 1445000:  Null pointer dereferences  (FORWARD_NULL)
/src/core/or/relay.c: 1952 in connection_edge_process_relay_cell()
1946           log_info(domain,
1947                    "'connected' received on circid %u for streamid %d, "
1948                    "no conn attached anymore. Ignoring.",
1949                    (unsigned)circ->n_circ_id, rh.stream_id);
1950           return 0;
1951         case RELAY_COMMAND_SENDME:
>>>     CID 1445000:  Null pointer dereferences  (FORWARD_NULL)
>>>     Passing null pointer "layer_hint" to "process_sendme_cell", which dereferences it.
1952           return process_sendme_cell(&rh, cell, circ, conn, layer_hint, domain);
1953         case RELAY_COMMAND_RESOLVE:
1954           if (layer_hint) {
1955             log_fn(LOG_PROTOCOL_WARN, LD_APP,
1956                    "resolve request unsupported at AP; dropping.");
1957             return 0;

Child Tickets

Change History (5)

comment:1 Changed 19 months ago by catalyst

Keywords: coverity added

comment:2 Changed 19 months ago by dgoulet

Reviewer: ahf
Status: assignedneeds_review

Branch: ticket30467_041_01

comment:3 Changed 19 months ago by ahf

Status: needs_reviewmerge_ready

Seems reasonable as far as I can tell.

comment:4 Changed 19 months ago by nickm

Resolution: fixed
Status: merge_readyclosed

Merged to master.

comment:5 Changed 15 months ago by catalyst

Summary: sendme: Fix coverity CID 1444999sendme: Fix coverity CID 1445000

fix CID

Note: See TracTickets for help on using tickets.