relay/dirauth: Set some output arguments in stubs

And document how some functions set their output arguments. Fixes bug 33674; bugfix on 0.4.3.1-alpha.

relay/dirauth: Set some output arguments in stubs
And document how some functions set their output arguments. Fixes bug 33674; bugfix on 0.4.3.1-alpha.
d4a74021 · teor · Nick Mathewson · c478dc9b · d4a74021 · d4a74021
Commit d4a74021 authored Mar 20, 2020 by teor Committed by Nick Mathewson Mar 20, 2020
--- a/changes/bug33674
+++ b/changes/bug33674
+  o Minor bugfixes (--disable-module-relay,--disable-module-dirauth):
+    - Set some output arguments in the relay and dirauth module stubs, to
+      guard against future stub argument handling bugs like 33668.
+      Fixes bug 33674; bugfix on 0.4.3.1-alpha.
--- a/src/feature/dirauth/dirauth_config.h
+++ b/src/feature/dirauth/dirauth_config.h
@@ -75,8 +75,14 @@ options_validate_dirauth_mode(const struct or_options_t *old_options,
 #define options_act_dirauth_mtbf(old_options) \
  (((void)(old_options)),0)

-#define options_act_dirauth_stats(old_options, print_notice_out) \
-  (((void)(old_options)),((void)(print_notice_out)),0)
+static inline int
+options_act_dirauth_stats(const struct or_options_t *old_options,
+                          bool *print_notice_out)
+{
+  (void)old_options;
+  *print_notice_out = 0;
+  return 0;
+}

 #define dirauth_should_reject_requests_under_load() (false)


--- a/src/feature/dirauth/dirvote.c
+++ b/src/feature/dirauth/dirvote.c
@@ -2527,9 +2527,12 @@ compute_consensus_package_lines(smartlist_t *votes)
 * any new signatures in <b>src_voter_list</b> that should be added to
 * <b>target</b>. (A signature should be added if we have no signature for that
 * voter in <b>target</b> yet, or if we have no verifiable signature and the
- * new signature is verifiable.)  Return the number of signatures added or
- * changed, or -1 if the document signed by <b>sigs</b> isn't the same
- * document as <b>target</b>. */
+ * new signature is verifiable.)
+ *
+ * Return the number of signatures added or changed, or -1 if the document
+ * signatures are invalid. Sets *<b>msg_out</b> to a string constant
+ * describing the signature status.
+ */
 STATIC int
 networkstatus_add_detached_signatures(networkstatus_t *target,
                                      ns_detached_signatures_t *sigs,
@@ -3564,6 +3567,14 @@ dirvote_add_signatures_to_pending_consensus(
  return r;
 }

+/** Helper: we just got the <b>detached_signatures_body</b> sent to us as
+ * signatures on the currently pending consensus.  Add them to the pending
+ * consensus (if we have one).
+ *
+ * Set *<b>msg</b> to a string constant describing the status, regardless of
+ * success or failure.
+ *
+ * Return negative on failure, nonnegative on success. */
 static int
 dirvote_add_signatures_to_all_pending_consensuses(
                       const char *detached_signatures_body,
@@ -3626,7 +3637,12 @@ dirvote_add_signatures_to_all_pending_consensuses(
 /** Helper: we just got the <b>detached_signatures_body</b> sent to us as
 * signatures on the currently pending consensus.  Add them to the pending
 * consensus (if we have one); otherwise queue them until we have a
- * consensus.  Return negative on failure, nonnegative on success. */
+ * consensus.
+ *
+ * Set *<b>msg</b> to a string constant describing the status, regardless of
+ * success or failure.
+ *
+ * Return negative on failure, nonnegative on success. */
 int
 dirvote_add_signatures(const char *detached_signatures_body,
                       const char *source,

--- a/src/feature/dirauth/dirvote.h
+++ b/src/feature/dirauth/dirvote.h
@@ -162,7 +162,7 @@ dirvote_add_signatures(const char *detached_signatures_body,
 {
  (void) detached_signatures_body;
  (void) source;
-  (void) msg_out;
+  *msg_out = "No directory authority support";
  /* If the dirauth module is disabled, this should NEVER be called else we
   * failed to safeguard the dirauth module. */
  tor_assert_nonfatal_unreached();

--- a/src/feature/dirauth/process_descs.c
+++ b/src/feature/dirauth/process_descs.c
@@ -285,7 +285,7 @@ dirserv_load_fingerprint_file(void)
 * Return the appropriate router status.
 *
 * If the status is 'RTR_REJECT' and <b>msg</b> is provided, set
- * *<b>msg</b> to an explanation of why. */
+ * *<b>msg</b> to a string constant explaining why. */
 uint32_t
 dirserv_router_get_status(const routerinfo_t *router, const char **msg,
                          int severity)
@@ -563,7 +563,8 @@ dirserv_router_has_valid_address(routerinfo_t *ri)
 /** Check whether we, as a directory server, want to accept <b>ri</b>.  If so,
 * set its is_valid,running fields and return 0.  Otherwise, return -1.
 *
- * If the router is rejected, set *<b>msg</b> to an explanation of why.
+ * If the router is rejected, set *<b>msg</b> to a string constant explining
+ * why.
 *
 * If <b>complain</b> then explain at log-level 'notice' why we refused
 * a descriptor; else explain at log-level 'info'.
@@ -729,7 +730,8 @@ dirserv_add_multiple_descriptors(const char *desc, size_t desclen,
 * That means the caller must not access <b>ri</b> after this function
 * returns, since it might have been freed.
 *
- * Return the status of the operation.
+ * Return the status of the operation, and set *<b>msg</b> to a string
+ * constant describing the status.
 *
 * This function is only called when fresh descriptors are posted, not when
 * we re-load the cache.

--- a/src/feature/dirauth/process_descs.h
+++ b/src/feature/dirauth/process_descs.h
@@ -98,7 +98,7 @@ dirserv_add_multiple_descriptors(const char *desc, size_t desclen,
  (void)desclen;
  (void)purpose;
  (void)source;
-  (void)msg;
+  *msg = "No directory authority support";
  return (enum was_router_added_t)0;
 }
 static inline enum was_router_added_t
@@ -107,8 +107,8 @@ dirserv_add_descriptor(routerinfo_t *ri,
                       const char *source)
 {
  (void)ri;
-  (void)msg;
  (void)source;
+  *msg = "No directory authority support";
  return (enum was_router_added_t)0;
 }
 static inline int
@@ -125,9 +125,9 @@ authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg,
                               int *valid_out)
 {
  (void)ri;
-  (void)msg;
  (void)complain;
-  (void)valid_out;
+  *msg = "No directory authority support";
+  *valid_out = 0;
  return 0;
 }
 static inline int
@@ -143,8 +143,9 @@ dirserv_router_get_status(const routerinfo_t *router,
                          int severity)
 {
  (void)router;
-  (void)msg;
  (void)severity;
+  if (msg)
+    *msg = "No directory authority support";
  return 0;
 }
 static inline void

--- a/src/feature/relay/relay_config.c
+++ b/src/feature/relay/relay_config.c
@@ -231,8 +231,8 @@ check_server_ports(const smartlist_t *ports,
 }

 /** Parse all relay ports from <b>options</b>. On success, add parsed ports to
- * <b>ports</b>, and return 0.  On failure, set *<b>msg</b> to a description
- * of the problem and return -1.
+ * <b>ports</b>, and return 0.  On failure, set *<b>msg</b> to a newly
+ * allocated string describing the problem, and return -1.
 **/
 int
 port_parse_ports_relay(or_options_t *options,
@@ -334,7 +334,8 @@ port_update_port_set_relay(or_options_t *options,
 * Legacy validation function, which checks that the current OS is usable in
 * relay mode, if options is set to a relay mode.
 *
- * Warns about OSes with potential issues. Always returns 0.
+ * Warns about OSes with potential issues. Does not set *<b>msg</b>.
+ * Always returns 0.
 */
 int
 options_validate_relay_os(const or_options_t *old_options,