tox_new() should return null when savedata loading fails

JFreegman · JFreegman · commit fc623a5281cc · 2023-11-14T22:15:55.000-05:00
Returning a valid tox instance when loading a corrupt
savefile is probably not desired behaviour
diff --git a/other/bootstrap_daemon/docker/tox-bootstrapd.sha256 b/other/bootstrap_daemon/docker/tox-bootstrapd.sha256
@@ -1 +1 @@
-9bec65f2a3093ebb49c3751dfad267482bc80d4b29ef9171f11d5ba53058d713  /usr/local/bin/tox-bootstrapd
+8942735f04e41962bbcfaeccbfa6487424ad78c910e932d93b5b6f56a6e852b7  /usr/local/bin/tox-bootstrapd
diff --git a/toxcore/tox.c b/toxcore/tox.c
@@ -858,12 +858,23 @@ Tox *tox_new(const struct Tox_Options *options, Tox_Err_New *error)
 
     if (load_savedata_tox
             && tox_load(tox, tox_options_get_savedata_data(opts), tox_options_get_savedata_length(opts)) == -1) {
+        mono_time_free(tox->sys.mem, tox->mono_time);
+        tox_options_free(default_options);
+        tox_unlock(tox);
+
+        if (tox->mutex != nullptr) {
+            pthread_mutex_destroy(tox->mutex);
+        }
+
+        free(tox->mutex);
+        free(tox);
+
         SET_ERROR_PARAMETER(error, TOX_ERR_NEW_LOAD_BAD_FORMAT);
-    } else if (load_savedata_sk) {
+        return nullptr;
+    }
+
+    if (load_savedata_sk) {
         load_secret_key(tox->m->net_crypto, tox_options_get_savedata_data(opts));
-        SET_ERROR_PARAMETER(error, TOX_ERR_NEW_OK);
-    } else {
-        SET_ERROR_PARAMETER(error, TOX_ERR_NEW_OK);
     }
 
     m_callback_namechange(tox->m, tox_friend_name_handler);
@@ -913,6 +924,9 @@ Tox *tox_new(const struct Tox_Options *options, Tox_Err_New *error)
     tox_options_free(default_options);
 
     tox_unlock(tox);
+
+    SET_ERROR_PARAMETER(error, TOX_ERR_NEW_OK);
+
     return tox;
 }
 
diff --git a/toxcore/tox.h b/toxcore/tox.h
@@ -890,9 +890,6 @@ typedef enum Tox_Err_New {
  * This function will bring the instance into a valid state. Running the event
  * loop with a new instance will operate correctly.
  *
- * If loading failed or succeeded only partially, the new or partially loaded
- * instance is returned and an error code is set.
- *
  * @param options An options object as described above. If this parameter is
  *   NULL, the default options are used.
  *

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-9bec65f2a3093ebb49c3751dfad267482bc80d4b29ef9171f11d5ba53058d713 /usr/local/bin/tox-bootstrapd`
	`1`	`+8942735f04e41962bbcfaeccbfa6487424ad78c910e932d93b5b6f56a6e852b7 /usr/local/bin/tox-bootstrapd`
Original file line number	Diff line number	Diff line change
`@@ -890,9 +890,6 @@ typedef enum Tox_Err_New {`
`890`	`890`	`* This function will bring the instance into a valid state. Running the event`
`891`	`891`	`* loop with a new instance will operate correctly.`
`892`	`892`	`*`
`893`		`- * If loading failed or succeeded only partially, the new or partially loaded`
`894`		`- * instance is returned and an error code is set.`
`895`		`- *`
`896`	`893`	`* @param options An options object as described above. If this parameter is`
`897`	`894`	`* NULL, the default options are used.`
`898`	`895`	`*`