Update to trunnel 1.4.4 to fix 18373

changes/trunnel_update

@@ -0,0 +1,5 @@
+  o Minor bugfixes (code correctness):
+    - Update to the latest version of Trunnel, which tries harder
+      to avoid generating code that can invoke memcpy(p,NULL,0).
+      Bug found by clang address sanitizer. Fixes bug 18373. Bugfix
+      on 0.2.7.2-alpha.

src/ext/trunnel/trunnel-impl.h

@@ -1,4 +1,4 @@
-/* trunnel-impl.h -- copied from Trunnel v1.4.3
+/* trunnel-impl.h -- copied from Trunnel v1.4.4
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */

src/ext/trunnel/trunnel.c

@@ -1,4 +1,4 @@
-/* trunnel.c -- copied from Trunnel v1.4.3
+/* trunnel.c -- copied from Trunnel v1.4.4
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */

src/ext/trunnel/trunnel.h

@@ -1,4 +1,4 @@
-/* trunnel.h -- copied from Trunnel v1.4.3
+/* trunnel.h -- copied from Trunnel v1.4.4
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */

src/trunnel/ed25519_cert.c

@@ -1,4 +1,4 @@
-/* ed25519_cert.c -- generated by Trunnel v1.4.3.
+/* ed25519_cert.c -- generated by Trunnel v1.4.4.
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */
@@ -289,7 +289,8 @@ ed25519_cert_extension_encode(uint8_t *output, const size_t avail, const ed25519
           trunnel_assert(written <= avail);
           if (avail - written < elt_len)
             goto truncated;
-          memcpy(ptr, obj->un_unparsed.elts_, elt_len);
+          if (elt_len)
+            memcpy(ptr, obj->un_unparsed.elts_, elt_len);
           written += elt_len; ptr += elt_len;
         }
         break;
@@ -374,7 +375,8 @@ ed25519_cert_extension_parse_into(ed25519_cert_extension_t *obj, const uint8_t *
         /* Parse u8 un_unparsed[] */
         TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->un_unparsed, remaining, {});
         obj->un_unparsed.n_ = remaining;
-        memcpy(obj->un_unparsed.elts_, ptr, remaining);
+        if (remaining)
+          memcpy(obj->un_unparsed.elts_, ptr, remaining);
         ptr += remaining; remaining -= remaining;
         break;
     }

src/trunnel/ed25519_cert.h

@@ -1,4 +1,4 @@
-/* ed25519_cert.h -- generated by by Trunnel v1.4.3.
+/* ed25519_cert.h -- generated by by Trunnel v1.4.4.
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */

src/trunnel/link_handshake.c

@@ -1,4 +1,4 @@
-/* link_handshake.c -- generated by Trunnel v1.4.3.
+/* link_handshake.c -- generated by Trunnel v1.4.4.
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */
@@ -537,7 +537,8 @@ certs_cell_cert_encode(uint8_t *output, const size_t avail, const certs_cell_cer
     trunnel_assert(written <= avail);
     if (avail - written < elt_len)
       goto truncated;
-    memcpy(ptr, obj->body.elts_, elt_len);
+    if (elt_len)
+      memcpy(ptr, obj->body.elts_, elt_len);
     written += elt_len; ptr += elt_len;
   }
 
@@ -589,7 +590,8 @@ certs_cell_cert_parse_into(certs_cell_cert_t *obj, const uint8_t *input, const s
   CHECK_REMAINING(obj->cert_len, truncated);
   TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->body, obj->cert_len, {});
   obj->body.n_ = obj->cert_len;
-  memcpy(obj->body.elts_, ptr, obj->cert_len);
+  if (obj->cert_len)
+    memcpy(obj->body.elts_, ptr, obj->cert_len);
   ptr += obj->cert_len; remaining -= obj->cert_len;
   trunnel_assert(ptr + remaining == input + len_in);
   return len_in - remaining;
@@ -840,7 +842,8 @@ rsa_ed_crosscert_encode(uint8_t *output, const size_t avail, const rsa_ed_crossc
     trunnel_assert(written <= avail);
     if (avail - written < elt_len)
       goto truncated;
-    memcpy(ptr, obj->sig.elts_, elt_len);
+    if (elt_len)
+      memcpy(ptr, obj->sig.elts_, elt_len);
     written += elt_len; ptr += elt_len;
   }
 
@@ -899,7 +902,8 @@ rsa_ed_crosscert_parse_into(rsa_ed_crosscert_t *obj, const uint8_t *input, const
   CHECK_REMAINING(obj->sig_len, truncated);
   TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->sig, obj->sig_len, {});
   obj->sig.n_ = obj->sig_len;
-  memcpy(obj->sig.elts_, ptr, obj->sig_len);
+  if (obj->sig_len)
+    memcpy(obj->sig.elts_, ptr, obj->sig_len);
   ptr += obj->sig_len; remaining -= obj->sig_len;
   trunnel_assert(ptr + remaining == input + len_in);
   return len_in - remaining;
@@ -1467,7 +1471,8 @@ auth1_encode(uint8_t *output, const size_t avail, const auth1_t *obj, const auth
     trunnel_assert(written <= avail);
     if (avail - written < elt_len)
       goto truncated;
-    memcpy(ptr, obj->sig.elts_, elt_len);
+    if (elt_len)
+      memcpy(ptr, obj->sig.elts_, elt_len);
     written += elt_len; ptr += elt_len;
   }
 
@@ -1576,7 +1581,8 @@ auth1_parse_into(auth1_t *obj, const uint8_t *input, const size_t len_in, const
   /* Parse u8 sig[] */
   TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->sig, remaining, {});
   obj->sig.n_ = remaining;
-  memcpy(obj->sig.elts_, ptr, remaining);
+  if (remaining)
+    memcpy(obj->sig.elts_, ptr, remaining);
   ptr += remaining; remaining -= remaining;
   trunnel_assert(ptr + remaining == input + len_in);
   return len_in - remaining;

src/trunnel/link_handshake.h

@@ -1,4 +1,4 @@
-/* link_handshake.h -- generated by by Trunnel v1.4.3.
+/* link_handshake.h -- generated by by Trunnel v1.4.4.
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */

src/trunnel/pwbox.c

@@ -1,4 +1,4 @@
-/* pwbox.c -- generated by Trunnel v1.4.3.
+/* pwbox.c -- generated by Trunnel v1.4.4.
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */
@@ -362,7 +362,8 @@ pwbox_encoded_encode(uint8_t *output, size_t avail, const pwbox_encoded_t *obj)
     trunnel_assert(written <= avail);
     if (avail - written < elt_len)
       goto truncated;
-    memcpy(ptr, obj->skey_header.elts_, elt_len);
+    if (elt_len)
+      memcpy(ptr, obj->skey_header.elts_, elt_len);
     written += elt_len; ptr += elt_len;
   }
 
@@ -380,7 +381,8 @@ pwbox_encoded_encode(uint8_t *output, size_t avail, const pwbox_encoded_t *obj)
       trunnel_assert(written <= avail);
       if (avail - written < elt_len)
         goto truncated;
-      memcpy(ptr, obj->data.elts_, elt_len);
+      if (elt_len)
+        memcpy(ptr, obj->data.elts_, elt_len);
       written += elt_len; ptr += elt_len;
     }
     trunnel_assert(written <= avail);
@@ -460,7 +462,8 @@ pwbox_encoded_parse_into(pwbox_encoded_t *obj, const uint8_t *input, const size_
   CHECK_REMAINING(obj->header_len, truncated);
   TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->skey_header, obj->header_len, {});
   obj->skey_header.n_ = obj->header_len;
-  memcpy(obj->skey_header.elts_, ptr, obj->header_len);
+  if (obj->header_len)
+    memcpy(obj->skey_header.elts_, ptr, obj->header_len);
   ptr += obj->header_len; remaining -= obj->header_len;
 
   /* Parse u8 iv[16] */
@@ -476,7 +479,8 @@ pwbox_encoded_parse_into(pwbox_encoded_t *obj, const uint8_t *input, const size_
     /* Parse u8 data[] */
     TRUNNEL_DYNARRAY_EXPAND(uint8_t, &obj->data, remaining, {});
     obj->data.n_ = remaining;
-    memcpy(obj->data.elts_, ptr, remaining);
+    if (remaining)
+      memcpy(obj->data.elts_, ptr, remaining);
     ptr += remaining; remaining -= remaining;
     if (remaining != 0)
       goto fail;

src/trunnel/pwbox.h

@@ -1,4 +1,4 @@
-/* pwbox.h -- generated by by Trunnel v1.4.3.
+/* pwbox.h -- generated by by Trunnel v1.4.4.
  * https://gitweb.torproject.org/trunnel.git
  * You probably shouldn't edit this file.
  */