commit db89b4b1527103455e1bd85839a88d614a402354
parent 75b95e1c8e28e1136b5bc98fd89321e478f4b836
Author: cypherpunks <cypherpunks@torproject.org>
Date: Fri, 21 Sep 2018 04:57:26 +0000
rust/protover: fix null deref in protover_all_supported()
Fortunately with the current callers it couldn't happen in practice.
Fix on d1820c1516a31a149fc51a9e5126bf899e4c4e08.
Diffstat:
3 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/changes/bug27804 b/changes/bug27804
@@ -0,0 +1,3 @@
+ o Minor bugfixes (rust):
+ - Fix a potential null dereference in protover_all_supported().
+ Add a test for it. Fixes bug 27804; bugfix on 0.3.3.1-alpha.
diff --git a/src/rust/protover/ffi.rs b/src/rust/protover/ffi.rs
@@ -68,6 +68,9 @@ pub extern "C" fn protover_all_supported(
if maybe_unsupported.is_some() {
let unsupported: UnvalidatedProtoEntry = maybe_unsupported.unwrap();
+ if missing_out.is_null() {
+ return 0;
+ }
let c_unsupported: CString = match CString::new(unsupported.to_string()) {
Ok(n) => n,
Err(_) => return 1,
diff --git a/src/test/test_protover.c b/src/test/test_protover.c
@@ -259,6 +259,7 @@ test_protover_all_supported(void *arg)
tt_ptr_op(msg, OP_EQ, NULL);
// Some things we don't support
+ tt_assert(! protover_all_supported("Wombat=9", NULL));
tt_assert(! protover_all_supported("Wombat=9", &msg));
tt_str_op(msg, OP_EQ, "Wombat=9");
tor_free(msg);
