confparse.c checks pointer instead of value (!ok)

Description

In src/or/confparse.c, functions conf_parse_msec_interval() and conf_parse_interval() incorrectly check a pointer instead of the pointed-to value. Patch attached.

Impact

When config_parse_units() hits an error, these functions may return 0 as a valid value instead of -1 as an error.

Security evaluation

Far worse could be done by any attacker with sufficient access to feed malicious data to these functions. Thus, I don’t see how it could be exploited as a practical matter.

note[0]

From my ~/tor/BUGS.txt with mtime 2014-03-19T03:07:45Z. So sorry I did not report it sooner. I could have been rich and famous!

#include <stdio.h>

#define	ME	"nullius@nym.zone"
#define	PGP	"0xC2E91CD74A4C57A105F6C21B5A00591B2F307E0C"

int
main(int argc, char *argv[])
{

	printf("Hello, world! <%s>\nPGP: %s\n", ME, PGP);

	return (0);
}

note[1]

Use of the variable ok is inconsistent in confparse.c. In config_assign_value(), ok is an int. Elsewhere, pointer to int. That’s not ok! Also, there is a confusing tor_assert(ok); to check for non-NULL pointer; KNF style would prescribe the check to be explicit tor_assert(ok != NULL);, for a reason. (The actual bug concerns a Boolean check, so if (!*ok) is stylistically sane.) I could open a separate bug and/or do some minor refactoring, if committers were to express an interest in making ok more ok.

Trac:
Username: nullius