[GNUnet-SVN] r30268 - gnunet/src/scalarproduct

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] r30268 - gnunet/src/scalarproduct

From:	gnunet
Subject:	[GNUnet-SVN] r30268 - gnunet/src/scalarproduct
Date:	Thu, 17 Oct 2013 19:07:17 +0200

Author: cfuchs
Date: 2013-10-17 19:07:17 +0200 (Thu, 17 Oct 2013)
New Revision: 30268

Modified:
   gnunet/src/scalarproduct/gnunet-service-scalarproduct.c
Log:
fixed a double-free
removed a redundant memcpy
free_session_variables always resets the freed pointers to NULL



Modified: gnunet/src/scalarproduct/gnunet-service-scalarproduct.c
===================================================================
--- gnunet/src/scalarproduct/gnunet-service-scalarproduct.c     2013-10-17 
16:56:10 UTC (rev 30267)
+++ gnunet/src/scalarproduct/gnunet-service-scalarproduct.c     2013-10-17 
17:07:17 UTC (rev 30268)
@@ -707,29 +707,45 @@
     for (i = 0; i < session->used; i++)
       if (session->a[i]) gcry_mpi_release (session->a[i]);
     GNUNET_free (session->a);
+    session->a = NULL;
   }
   GNUNET_free_non_null (session->mask);
   if (session->r) {
     for (i = 0; i < session->used; i++)
       if (session->r[i]) gcry_mpi_release (session->r[i]);
     GNUNET_free (session->r);
+    session->r = NULL;
   }
   if (session->r_prime) {
     for (i = 0; i < session->used; i++)
       if (session->r_prime[i]) gcry_mpi_release (session->r_prime[i]);
     GNUNET_free (session->r_prime);
+    session->r_prime = NULL;
   }
-  if (session->s)
+  if (session->s){
     gcry_mpi_release (session->s);
-  if (session->s_prime)
+  session->s = NULL;
+  }
+  
+  if (session->s_prime){
     gcry_mpi_release (session->s_prime);
-  if (session->product)
+  session->s_prime = NULL;
+  }
+  
+  if (session->product){
     gcry_mpi_release (session->product);
+  session->product = NULL;
+  }
 
-  if (session->remote_pubkey)
+  if (session->remote_pubkey){
     gcry_sexp_release (session->remote_pubkey);
+  session->remote_pubkey = NULL;
+  }
 
-  GNUNET_free_non_null (session->vector);
+  if (session->vector) {
+    GNUNET_free_non_null (session->vector);
+    session->s = NULL;
+  }
 }
 ///////////////////////////////////////////////////////////////////////////////
 //                      Event and Message Handlers
@@ -751,14 +767,16 @@
                           struct GNUNET_SERVER_Client *client)
 {
   struct ServiceSession *session;
+  
+  if (NULL != client)
+    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+              _ ("Client (%p) disconnected from us.\n"), client);
+  else
+    return;
 
-  if (client == NULL)
-    return;
   session = GNUNET_SERVER_client_get_user_context (client, struct 
ServiceSession);
   if (NULL == session)
     return;
-  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-              _ ("Client (%p) disconnected from us.\n"), client);
   GNUNET_CONTAINER_DLL_remove (from_client_head, from_client_tail, session);
 
   if (!(session->role == BOB && session->state == FINALIZED)) {
@@ -1007,11 +1025,16 @@
     return;
   }
   if (session->transferred != session->used)
-    // multipart
+    // more multiparts
     session->state = WAITING_FOR_MULTIPART_TRANSMISSION;
-  else
-    //singlepart
+  else{
+    // final part
     session->state = FINALIZED;
+    GNUNET_free(session->r);
+    GNUNET_free(session->r_prime);
+    session->r_prime = NULL;
+    session->r = NULL;
+  }
 }
 
 
@@ -1058,7 +1081,7 @@
   msg->header.type = htons (GNUNET_MESSAGE_TYPE_SCALARPRODUCT_BOB_TO_ALICE);
   msg->header.size = htons (msg_length);
   msg->total_element_count = htonl (session->total);
-  msg->contained_element_count = htonl (session->used);
+  msg->used_element_count = htonl (session->used);
   msg->contained_element_count = htonl (session->transferred);
   memcpy (&msg->key, &session->key, sizeof (struct GNUNET_HashCode));
   current = (unsigned char *) &msg[1];
@@ -1138,9 +1161,14 @@
   if (session->transferred != session->used)
     // multipart
     session->state = WAITING_FOR_MULTIPART_TRANSMISSION;
-  else
+  else{
     //singlepart
     session->state = FINALIZED;
+    GNUNET_free(session->r);
+    GNUNET_free(session->r_prime);
+    session->r_prime = NULL;
+    session->r = NULL;
+  }
 
   return GNUNET_OK;
 }
@@ -1787,6 +1815,8 @@
 {
   struct ServiceSession * c = GNUNET_new (struct ServiceSession);
 
+  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, _ ("New incoming tunnel from peer 
%s.\n"), GNUNET_i2s (initiator));
+  
   c->peer = *initiator;
   c->tunnel = tunnel;
   c->role = BOB;
@@ -2104,7 +2134,6 @@
     return GNUNET_SYSERR;
   }
 
-  memcpy (&session->peer, &session->peer, sizeof (struct GNUNET_PeerIdentity));
   session->total = element_count;
   session->used = used_elements;
   session->transferred = contained_elements;
@@ -2297,7 +2326,10 @@
     goto invalid_msg;
   }
   //we need at least a full message without elements attached
-  if (sizeof (struct GNUNET_SCALARPRODUCT_service_response) + 2 * 
PAILLIER_ELEMENT_LENGTH > ntohs (msg->header.size)) {
+  msg_size = ntohs (msg->header.size);
+  size_t expected = sizeof (struct GNUNET_SCALARPRODUCT_service_response) + 2 
* PAILLIER_ELEMENT_LENGTH;
+  
+  if (expected > msg_size) {
     goto invalid_msg;
   }
   contained = ntohl (msg->contained_element_count);

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-SVN] r30268 - gnunet/src/scalarproduct, gnunet <=

Prev by Date: [GNUnet-SVN] r30267 - gnunet/src/namecache
Next by Date: [GNUnet-SVN] r30269 - gnunet/src/include
Previous by thread: [GNUnet-SVN] r30267 - gnunet/src/namecache
Next by thread: [GNUnet-SVN] r30269 - gnunet/src/include
Index(es):
- Date
- Thread