Opened 11 years ago

Last modified 7 years ago

#867 closed defect (Fixed)

Tor segfaults when trying to set EntryNodes via control port

Reported by: Sebastian
Owned by:
Priority: Low
Milestone:
Component: Core Tor/Tor
Version: 0.2.1.6-alpha
Severity:
Keywords:
Cc: Sebastian
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

[17:00] <Lirezh_off> 0x080ce0ec in routerset_equal (old=0x0, new=0x84db730) at routerlist.c:5071
[17:00] <Lirezh_off> 5071 if (smartlist_len(old->list) != smartlist_len(new->list))
[17:00] <Lirezh_off> SETCONF EntryNodes=16D8815839503CB9DE594EEE463BD106F6F6FA2B
[17:01] <Lirezh_off> Tor v0.2.1.6-alpha (r17011)
[17:04] <Lirezh_off> Hm it crashes in general when setting an entrynode for me, no idea why
[17:04] <Lirezh_off> ExitNodes work

[Automatically added by flyspray2trac: Operating System: All]

Change History (6)

comment:1 Changed 11 years ago by Sebastian

The problem seems to be within routerset_equal, I think. It accepts NULL as parameter, but then dereferences later. Proposed patch (untested for now, will test when I get a chance):

Index: src/or/routerlist.c
===================================================================
--- src/or/routerlist.c (revision 17286)
+++ src/or/routerlist.c (working copy)
@@ -5100,6 +5100,10 @@

int
routerset_equal(const routerset_t *old, const routerset_t *new)
{

+ if(old == NULL && new == NULL)
+ return 1;

+ else if(old == NULL
new == NULL)

+ return 0;

if (smartlist_len(old->list) != smartlist_len(new->list))

return 0;
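
Review bot: the two added `if(` lines omit the space after `if` that the surrounding context uses (`if (smartlist_len(...`), and the second condition shows `old == NULL` and `new == NULL` with no operator between them; it needs `||` to compile and to express "exactly one side is NULL". The `else` after `return 1;` is redundant since the first branch already returns. Since the function is meant to accept NULL, a one-line comment above the checks stating that either argument may be NULL would document the interface the patch restores.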


comment:2 Changed 11 years ago by Lirezh

#0 0x080ce0ec in routerset_equal (old=0x0, new=0x85545b0) at routerlist.c:5071
#1 0x08069525 in options_act (old_options=0x8142d08) at config.c:1388
#2 0x0806a1fd in set_options (new_val=0x82bcb78, msg=0xbfdcda04) at config.c:792
#3 0x0806b89d in options_trial_assign (list=0x82ed7c8, use_defaults=0, clear_first=1, msg=0xbfdcda04) at config.c:2157
#4 0x080850d7 in control_setconf_helper (conn=0x82b9ea0, len=18, body=<value optimized out>, use_defaults=0) at control.c:746
#5 0x08087265 in connection_control_process_inbuf (conn=0x82b9ea0) at control.c:796
#6 0x08071438 in connection_process_inbuf (conn=0x82b9ea0, package_partial=135539976) at connection.c:2794
#7 0x08073149 in connection_handle_read (conn=0x82b9ea0) at connection.c:1984
#8 0x080aab38 in conn_read_callback (fd=15, event=2, _conn=0x82b9ea0) at main.c:461
#9 0xb7f7fc79 in event_base_priority_init () from /usr/lib/libevent-1.1a.so.1
#10 0xb7f7ff65 in event_base_loop () from /usr/lib/libevent-1.1a.so.1
#11 0xb7f7fdcb in event_loop () from /usr/lib/libevent-1.1a.so.1
#12 0x080ac2bf in do_main_loop () at main.c:1468
#13 0x080ac495 in tor_main (argc=3, argv=0xbfdcdd84) at main.c:2079
#14 0x080e9e42 in main (argc=9090909, argv=0x0) at tor_main.c:29

comment:3 Changed 11 years ago by Sebastian

Turns out that the first patch wasn't following the spaces convention, but did fix an issue where routerset_equal didn't follow its interface.

There is more to this, though - Lirezh_off now reports that Tor doesn't segfault any more, but the new setting is not honored.

comment:4 Changed 11 years ago by Sebastian

Ok, looks like Lirezh_off was confused. I ran some tests myself, and setting entry nodes now works as expected. This is the fixed patch:

Index: src/or/routerlist.c
===================================================================
--- src/or/routerlist.c (revision 17286)
+++ src/or/routerlist.c (working copy)
@@ -5100,6 +5100,10 @@

int
routerset_equal(const routerset_t *old, const routerset_t *new)
{

+ if (old == NULL && new == NULL)
+ return 1;

+ else if (old == NULL
new == NULL)

+ return 0;

if (smartlist_len(old->list) != smartlist_len(new->list))

return 0;
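
Review bot: in the `else if (old == NULL` branch, a NULL routerset compares unequal to every non-NULL one, including one whose `list` is empty. If callers treat "unset" and "empty" as the same configuration, test `smartlist_len()` on the non-NULL side before returning 0; otherwise add a comment saying the distinction is intentional. The operator between the two NULL tests is still missing as shown and should be `||`. A regression test calling `routerset_equal` with each NULL/non-NULL combination would pin the behaviour down.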


comment:5 Changed 11 years ago by nickm

flyspray2trac: bug closed.

comment:6 Changed 7 years ago by nickm

Component: Tor Client → Tor