cypherpunks authored 9 years ago and Nick Mathewson committed 9 years ago

On FreeBSD backtrace(3) uses size_t instead of int (as glibc does). This
causes integer precision loss errors when we used int to store its
results.

The issue is fixed by using size_t to store the results of backtrace(3).

The manual page of glibc does not mention that backtrace(3) returns
negative values. Therefore, no unsigned integer wrapping occurs when its
result is stored in an unsigned data type.

cypherpunks authored 9 years ago and Nick Mathewson committed 9 years ago

The AM_TESTS_ENVIRONMENT variable is available since Automake v1.12 but
some distributions have older Automake versions so we use
TESTS_ENVIRONMENT.

cypherpunks authored 9 years ago and Nick Mathewson committed 9 years ago

Using variables removes the ambiguity about when to use variables and
when to use substitutions. Variables always work. Substitutions only
work when Autoconf knows about them which is not always the case.

The variables are also placed between quotes to ensures spaces in the
variables are handled properly.

cypherpunks authored 9 years ago and Nick Mathewson committed 9 years ago

Using the AM_TESTS_ENVIRONMENT variable ensures the environment
variables are only set during test execution and not during the
compilation phase.

There was a dead check when we made sure that an array member of a
struct was non-NULL.  Tor has been doing this check since at least
0.2.3, maybe earlier.

Fixes bug 17781.

Previously we'd suppressed the mask-bits field in the output when
formatting a policy if it was >=32.  But that should be a >=128 if
we're talking about IPv6.

Since we didn't put these in descriptors, this bug affects only log
messages and controller outputs.

Fix for bug 16056.  The code in question was new in 0.2.0, but the
bug was introduced in 0.2.4 when we started supporting IPv6 exits.

cypherpunks authored 9 years ago and Nick Mathewson committed 9 years ago

The tor_cert_get_checkable_sig function uses the signing key included in
the certificate (if available) when a separate public key is not given.

When the signature is valid, the tor_cert_checksig function copies the
public key from the checkable structure to the public key field of the
certificate signing key.

In situations where the separate public key is not given but the
certificate includes a signing key, the source and destination pointers
in the copy operation are equal and invoke undefined behavior.

Undefined behaviour is avoided by ensuring both pointers are different.

Patch from rubiate; fixes bug 17551.

The wrong list was used when looking up expired intro points in a rend
service object causing what we think could be reachability issues and
triggering a BUG log.

Fixes #16702

Signed-off-by: David Goulet <dgoulet@ev0ke.net>

Without this check, we potentially look up to 3 characters before
the start of a malloc'd segment, which could provoke a crash under
certain (weird afaik) circumstances.

Fixes 17404; bugfix on 0.2.6.3-alpha.

Closes 17403.

Bug 17402.

The 0.2.8 unit tests provoke this leak, though I don't think it can
happen IRL.