From 661e811fef7d0ef6b62892a87ec3723edb0ca3bc Mon Sep 17 00:00:00 2001 From: Christian Fuchs Date: Mon, 26 May 2014 09:32:54 +0000 Subject: - fixed bug in set which allows a peer to generate a malformed session setup - fixed double-cancel of a set-handle --- src/scalarproduct/gnunet-service-scalarproduct.c | 6 ++++-- src/set/gnunet-service-set_intersection.c | 7 ++++++- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/src/scalarproduct/gnunet-service-scalarproduct.c b/src/scalarproduct/gnunet-service-scalarproduct.c index 0ce5ffccc..de3849690 100644 --- a/src/scalarproduct/gnunet-service-scalarproduct.c +++ b/src/scalarproduct/gnunet-service-scalarproduct.c @@ -1279,8 +1279,10 @@ cb_intersection_element_removed (void *cls, GNUNET_SET_listen_cancel (s->intersection_listen); s->intersection_listen = NULL; } + // the op failed and has already been invalidated by the set service s->intersection_op = NULL; + s->intersection_set = NULL; break; } @@ -1893,7 +1895,7 @@ cb_channel_destruction (void *cls, // as we have only one peer connected in each session, just remove the session s->channel = NULL; - if ((ALICE == s->role) && (GNUNET_NO != s->active) && (!do_shutdown)) + if ((ALICE == s->role) && (GNUNET_YES == s->active) && (!do_shutdown)) { // if this happened before we received the answer, we must terminate the session s->role = GNUNET_SYSERR; @@ -1901,7 +1903,7 @@ cb_channel_destruction (void *cls, GNUNET_SCHEDULER_add_now (&prepare_client_end_notification, s); } - else + else if ((BOB == s->role) && (GNUNET_SYSERR != s->active)) { if ((s == from_service_head) || ((NULL != from_service_head) && ((NULL != s->next) || (NULL != s->a_tail)))) GNUNET_CONTAINER_DLL_remove (from_service_head, from_service_tail, s); diff --git a/src/set/gnunet-service-set_intersection.c b/src/set/gnunet-service-set_intersection.c index 9b327ec78..4709e3d82 100644 --- a/src/set/gnunet-service-set_intersection.c +++ b/src/set/gnunet-service-set_intersection.c @@ -748,6 +748,11 @@ handle_p2p_element_info (void *cls, const struct GNUNET_MessageHeader *mh) GNUNET_break_op (0); fail_intersection_operation(op); } + + if (0 == op->state->my_element_count) { + send_peer_done (op); + return; + } op->state->phase = PHASE_BF_EXCHANGE; op->state->my_elements = GNUNET_CONTAINER_multihashmap_create (1, GNUNET_YES); @@ -758,7 +763,7 @@ handle_p2p_element_info (void *cls, const struct GNUNET_MessageHeader *mh) GNUNET_CONTAINER_bloomfilter_free (op->state->remote_bf); op->state->remote_bf = NULL; - + if (op->state->my_element_count == ntohl (msg->sender_element_count)) op->state->phase = PHASE_MAYBE_FINISHED; -- cgit v1.2.3