[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r30268 - gnunet/src/scalarproduct
From: |
gnunet |
Subject: |
[GNUnet-SVN] r30268 - gnunet/src/scalarproduct |
Date: |
Thu, 17 Oct 2013 19:07:17 +0200 |
Author: cfuchs
Date: 2013-10-17 19:07:17 +0200 (Thu, 17 Oct 2013)
New Revision: 30268
Modified:
gnunet/src/scalarproduct/gnunet-service-scalarproduct.c
Log:
fixed a double-free
removed a redundant memcpy
free_session_variables always resets the freed pointers to NULL
Modified: gnunet/src/scalarproduct/gnunet-service-scalarproduct.c
===================================================================
--- gnunet/src/scalarproduct/gnunet-service-scalarproduct.c 2013-10-17
16:56:10 UTC (rev 30267)
+++ gnunet/src/scalarproduct/gnunet-service-scalarproduct.c 2013-10-17
17:07:17 UTC (rev 30268)
@@ -707,29 +707,45 @@
for (i = 0; i < session->used; i++)
if (session->a[i]) gcry_mpi_release (session->a[i]);
GNUNET_free (session->a);
+ session->a = NULL;
}
GNUNET_free_non_null (session->mask);
if (session->r) {
for (i = 0; i < session->used; i++)
if (session->r[i]) gcry_mpi_release (session->r[i]);
GNUNET_free (session->r);
+ session->r = NULL;
}
if (session->r_prime) {
for (i = 0; i < session->used; i++)
if (session->r_prime[i]) gcry_mpi_release (session->r_prime[i]);
GNUNET_free (session->r_prime);
+ session->r_prime = NULL;
}
- if (session->s)
+ if (session->s){
gcry_mpi_release (session->s);
- if (session->s_prime)
+ session->s = NULL;
+ }
+
+ if (session->s_prime){
gcry_mpi_release (session->s_prime);
- if (session->product)
+ session->s_prime = NULL;
+ }
+
+ if (session->product){
gcry_mpi_release (session->product);
+ session->product = NULL;
+ }
- if (session->remote_pubkey)
+ if (session->remote_pubkey){
gcry_sexp_release (session->remote_pubkey);
+ session->remote_pubkey = NULL;
+ }
- GNUNET_free_non_null (session->vector);
+ if (session->vector) {
+ GNUNET_free_non_null (session->vector);
+ session->s = NULL;
+ }
}
///////////////////////////////////////////////////////////////////////////////
// Event and Message Handlers
@@ -751,14 +767,16 @@
struct GNUNET_SERVER_Client *client)
{
struct ServiceSession *session;
+
+ if (NULL != client)
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ _ ("Client (%p) disconnected from us.\n"), client);
+ else
+ return;
- if (client == NULL)
- return;
session = GNUNET_SERVER_client_get_user_context (client, struct
ServiceSession);
if (NULL == session)
return;
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- _ ("Client (%p) disconnected from us.\n"), client);
GNUNET_CONTAINER_DLL_remove (from_client_head, from_client_tail, session);
if (!(session->role == BOB && session->state == FINALIZED)) {
@@ -1007,11 +1025,16 @@
return;
}
if (session->transferred != session->used)
- // multipart
+ // more multiparts
session->state = WAITING_FOR_MULTIPART_TRANSMISSION;
- else
- //singlepart
+ else{
+ // final part
session->state = FINALIZED;
+ GNUNET_free(session->r);
+ GNUNET_free(session->r_prime);
+ session->r_prime = NULL;
+ session->r = NULL;
+ }
}
@@ -1058,7 +1081,7 @@
msg->header.type = htons (GNUNET_MESSAGE_TYPE_SCALARPRODUCT_BOB_TO_ALICE);
msg->header.size = htons (msg_length);
msg->total_element_count = htonl (session->total);
- msg->contained_element_count = htonl (session->used);
+ msg->used_element_count = htonl (session->used);
msg->contained_element_count = htonl (session->transferred);
memcpy (&msg->key, &session->key, sizeof (struct GNUNET_HashCode));
current = (unsigned char *) &msg[1];
@@ -1138,9 +1161,14 @@
if (session->transferred != session->used)
// multipart
session->state = WAITING_FOR_MULTIPART_TRANSMISSION;
- else
+ else{
//singlepart
session->state = FINALIZED;
+ GNUNET_free(session->r);
+ GNUNET_free(session->r_prime);
+ session->r_prime = NULL;
+ session->r = NULL;
+ }
return GNUNET_OK;
}
@@ -1787,6 +1815,8 @@
{
struct ServiceSession * c = GNUNET_new (struct ServiceSession);
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, _ ("New incoming tunnel from peer
%s.\n"), GNUNET_i2s (initiator));
+
c->peer = *initiator;
c->tunnel = tunnel;
c->role = BOB;
@@ -2104,7 +2134,6 @@
return GNUNET_SYSERR;
}
- memcpy (&session->peer, &session->peer, sizeof (struct GNUNET_PeerIdentity));
session->total = element_count;
session->used = used_elements;
session->transferred = contained_elements;
@@ -2297,7 +2326,10 @@
goto invalid_msg;
}
//we need at least a full message without elements attached
- if (sizeof (struct GNUNET_SCALARPRODUCT_service_response) + 2 *
PAILLIER_ELEMENT_LENGTH > ntohs (msg->header.size)) {
+ msg_size = ntohs (msg->header.size);
+ size_t expected = sizeof (struct GNUNET_SCALARPRODUCT_service_response) + 2
* PAILLIER_ELEMENT_LENGTH;
+
+ if (expected > msg_size) {
goto invalid_msg;
}
contained = ntohl (msg->contained_element_count);
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r30268 - gnunet/src/scalarproduct,
gnunet <=