1. 06 Jul, 2020 1 commit
    • Alexander Færøy's avatar
      Fix out-of-bound memory read in `tor_tls_cert_matches_key()` for NSS. · b46984e9
      Alexander Færøy authored and Nick Mathewson's avatar Nick Mathewson committed
      This patch fixes an out-of-bound memory read in
      `tor_tls_cert_matches_key()` when Tor is compiled to use Mozilla's NSS
      instead of OpenSSL.
      The NSS library stores some length fields in bits instead of bytes, but
      the comparison function found in `SECITEM_ItemsAreEqual()` needs the
      length to be encoded in bytes. This means that for a 140-byte,
      DER-encoded, SubjectPublicKeyInfo struct (with a 1024-bit RSA public key
      in it), we would ask `SECITEM_ItemsAreEqual()` to compare the first 1120
      bytes instead of 140 (140bytes * 8bits = 1120bits).
      This patch fixes the issue by converting from bits to bytes before
      calling `SECITEM_ItemsAreEqual()` and convert the `len`-fields back to
      bits before we leave the function.
      This patch is part of the fix for TROVE-2020-001.
      See: https://bugs.torproject.org/33119
  2. 06 May, 2020 4 commits
    • Nick Mathewson's avatar
      Use __attribute__((fallthrough)) rather than magic GCC comments. · cc397449
      Nick Mathewson authored
      GCC added an implicit-fallthrough warning a while back, where it
      would complain if you had a nontrivial "case:" block that didn't end
      with break, return, or something like that.  Clang recently added
      the same thing.
      GCC, however, would let you annotate a fall-through as intended by
      any of various magic "/* fall through */" comments.  Clang, however,
      only seems to like "__attribute__((fallthrough))".  Fortunately, GCC
      accepts that too.
      A previous commit in this branch defined a FALLTHROUGH macro to do
      the right thing if GNUC is defined; here we replace all of our "fall
      through" comments with uses of that macro.
      This is an automated commit, made with the following perl one-liner:
        #!/usr/bin/perl -i -p
        s#/\* *falls? ?thr.*?\*/#FALLTHROUGH;#i;
    • Nick Mathewson's avatar
    • Nick Mathewson's avatar
    • Nick Mathewson's avatar
      Add a fallthrough macro. · 6c3c9435
      Nick Mathewson authored
      This macro defers to __attribute__((fallthrough)) on GCC (and
      clang).  Previously we had been using GCC's magic /* fallthrough */
      comments, but clang very sensibly doesn't accept those.
      Since not all compiler recognize it, we only define it when our
      configure script detects that it works.
      Part of a fix for 34078.
  3. 18 Mar, 2020 1 commit
  4. 17 Mar, 2020 3 commits
  5. 14 Mar, 2020 2 commits
  6. 11 Mar, 2020 1 commit
  7. 05 Feb, 2020 1 commit
  8. 29 Jan, 2020 1 commit
  9. 06 Jan, 2020 1 commit
  10. 17 Dec, 2019 1 commit
  11. 06 Nov, 2019 1 commit
  12. 04 Oct, 2019 1 commit
  13. 23 Sep, 2019 1 commit
    • Jigsaw52's avatar
      Fix bug when %including folder with comment only files. #31408 · 15490816
      Jigsaw52 authored and teor's avatar teor committed
      When processing a %included folder, a bug caused the pointer to
      the last element of the options list to be set to NULL when
      processing a file with only comments or whitepace. This could
      cause options from other files on the same folder to be
      discarded depending on the lines after the affected %include.
  14. 10 Sep, 2019 1 commit
    • Nick Mathewson's avatar
      fp.c: Suppress float-conversion warnings on FreeBSD. · 51475aee
      Nick Mathewson authored
      We used to do this on Windows only, but it appears to affect
      multiple platforms when building with certain versions of GCC, and a
      common pattern for defining the floating-point classifier functions.
      Fixes part of 31687. I'm calling this a bugfux on 31687, when we
      started suppressing these warnings on Windows.
  15. 09 Sep, 2019 1 commit
  16. 04 Sep, 2019 1 commit
  17. 30 Aug, 2019 4 commits
  18. 16 Apr, 2019 1 commit
  19. 15 Apr, 2019 1 commit
    • Nick Mathewson's avatar
      Use a tor_abort_() wrapper in our util_bug.h macros · 802ac8ad
      Nick Mathewson authored
      Previously, our use of abort() would break anywhere that we didn't
      include stdlib.h.  This was especially troublesome in case where
      tor_assert_nonfatal() was used with ALL_BUGS_ARE_FATAL, since that
      one seldom gets tested.
      As an alternative, we could have just made this header include
      stdlib.h.  But that seems bloaty.
      Fixes bug 30189; bugfix on
  20. 06 Apr, 2019 2 commits
  21. 08 Feb, 2019 2 commits
  22. 23 Jan, 2019 1 commit
  23. 16 Jan, 2019 4 commits
  24. 09 Jan, 2019 1 commit
    • Kris Katterjohn's avatar
      Fix (and make consistent) the use of OpenBSD preprocessor macro tests · c13a81f7
      Kris Katterjohn authored and Nick Mathewson's avatar Nick Mathewson committed
      Prior to this commit, the testsuite was failing on OpenBSD.  After
      this commit the testsuite runs fine on OpenBSD.
      It was previously decided to test for the OpenBSD macro (rather than
      __OpenBSD__, etc.) because OpenBSD forks seem to have the former
      macro defined.  sys/param.h must be included for the OpenBSD macro
      definition; however, many files tested for the OpenBSD macro without
      having this header included.
      This commit includes sys/param.h in the files where the OpenBSD macro
      is used (and sys/param.h is not already included), and it also
      changes some instances of the __OpenBSD__ macro to OpenBSD.
      See commit 27df23ab
       which changed
      everything to use OpenBSD instead of __OpenBSD__ or OPENBSD.  See
      also tickets #6982 and #20980 (the latter ticket is where it was
      decided to use the OpenBSD macro).
      Signed-off-by: default avatarKris Katterjohn <katterjohn@gmail.com>
  25. 07 Jan, 2019 1 commit
  26. 03 Jan, 2019 1 commit