Opened 7 years ago

Closed 7 years ago

#8208 closed defect (fixed)

Avoid crash if extrainfo generation fails

Reported by: nickm Owned by:
Priority: Medium Milestone: Tor: 0.2.3.x-final
Component: Core Tor/Tor Version: Tor: 0.2.3.16-alpha
Severity: Keywords: tor-relay 023-backport
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

If we fail to generate an extrainfo (can that happen?) we go on generating a routerinfo, but later in router_rebuild_descriptor() we do:

  if (options->BridgeRelay) {
    /* Bridges shouldn't be able to send their descriptors unencrypted,
       anyway, since they don't have a DirPort, and always connect to the
       bridge authority anonymously.  But just in case they somehow think of
       sending them on an unencrypted connection, don't allow them to try. */
    ri->cache_info.send_unencrypted = ei->cache_info.send_unencrypted = 0;
  } else {
    ri->cache_info.send_unencrypted = ei->cache_info.send_unencrypted = 1;
  }

note the unconditional assignment to a field of ei.

Child Tickets

Change History (3)

comment:1 Changed 7 years ago by nickm

Milestone: Tor: 0.2.4.x-finalTor: 0.2.3.x-final
Status: newneeds_review
Version: Tor: 0.2.3.16-alpha

There's a fix against maint-0.2.3 in branch "bug8208" in my public repository.

I've merged the fix to master as obviously right; the only question is whether it should get merged into 0.2.3 as well. I lean towards "yes".

comment:2 Changed 7 years ago by arma

sounds good to me.

we should squeal loudly in any case if we can't generate an extrainfo desc, because right now we assume that all relays are successfully publishing extrainfo descs too, and i suspect we're not checking if it's true.

comment:3 Changed 7 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Okay; backported.

Note: See TracTickets for help on using tickets.