From cfca43dffa77cf877b490e1fecb84798aeb81c43 Mon Sep 17 00:00:00 2001
From: jfreegman
Date: Mon, 31 Jan 2022 16:48:21 -0500
Subject: [PATCH] tox_new() should return null when savedata loading fails
Returning a valid tox instance when loading a corrupt savefile is probably not desired behaviour
---
 toxcore/tox.c | 22 ++++++++++++++++++----
 toxcore/tox.h | 3 ---
 2 files changed, 18 insertions(+), 7 deletions(-)
diff --git a/toxcore/tox.c b/toxcore/tox.c
index 163887eb9ab..cb4131ee715 100644
--- a/toxcore/tox.c
+++ b/toxcore/tox.c
@@ -567,12 +567,23 @@ Tox *tox_new(const struct Tox_Options *options, Tox_Err_New *error)
 if (load_savedata_tox && tox_load(tox, tox_options_get_savedata_data(opts), tox_options_get_savedata_length(opts)) == -1) {
+ mono_time_free(tox->mono_time);
+ tox_options_free(default_options);
+ unlock(tox);
+
+ if (tox->mutex != nullptr) {
+ pthread_mutex_destroy(tox->mutex);
+ }
+
+ free(tox->mutex);
+ free(tox);
+
 SET_ERROR_PARAMETER(error, TOX_ERR_NEW_LOAD_BAD_FORMAT);
- } else if (load_savedata_sk) {
+ return nullptr;
+ }
+
+ if (load_savedata_sk) {
 load_secret_key(tox->m->net_crypto, tox_options_get_savedata_data(opts));
- SET_ERROR_PARAMETER(error, TOX_ERR_NEW_OK);
- } else {
- SET_ERROR_PARAMETER(error, TOX_ERR_NEW_OK);
 }
 m_callback_namechange(tox->m, tox_friend_name_handler);
@@ -600,6 +611,9 @@ Tox *tox_new(const struct Tox_Options *options, Tox_Err_New *error)
 tox_options_free(default_options);
 unlock(tox);
+
+ SET_ERROR_PARAMETER(error, TOX_ERR_NEW_OK);
+
+
 return tox;
 }
diff --git a/toxcore/tox.h b/toxcore/tox.h
index 72f36f7dba6..bed5f67d7e4 100644
--- a/toxcore/tox.h
+++ b/toxcore/tox.h
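Review bot: The new failure branch of tox_new() in toxcore/tox.c releases `tox->mono_time`, the mutex and `tox` itself, but nothing in the hunk tears down `tox->m`, which the following lines still dereference (`tox->m->net_crypto`), so it looks like a live object at this point. If that is right, every rejected savefile leaks that object and whatever it owns (presumably sockets and in-memory key material), and a client that calls tox_new() again on corrupt or untrusted savedata keeps accumulating them until descriptors or memory run out. I would release it before `free(tox)` with the same teardown tox_kill() uses, for example `kill_messenger(tox->m);` ahead of `mono_time_free(tox->mono_time);`, and mirror any other cleanup tox_kill() performs. The allocation order and tox_kill() are outside the hunk, so confirm both before applying this.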
@@ -871,9 +871,6 @@ typedef enum Tox_Err_New {
 * This function will bring the instance into a valid state. Running the event
 * loop with a new instance will operate correctly.
 *
- * If loading failed or succeeded only partially, the new or partially loaded
- * instance is returned and an error code is set.
- *
 * @param options An options object as described above. If this parameter is
 * NULL, the default options are used.
 *