From 913f66278c5be1454639ebc566aa685602dc53d7 Mon Sep 17 00:00:00 2001
From: Roger Dingledine
Date: Tue, 19 Feb 2008 23:54:17 +0000
Subject: rearrange our assert so we don't possibly overflow rh.length before triggering the assert. reported by veracode. svn:r13601
---
 src/or/relay.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/src/or/relay.c b/src/or/relay.c
index 262e72f67..dd999e9eb 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -475,6 +475,7 @@ relay_send_command_from_edge(uint16_t stream_id, circuit_t *circ,
 /* XXXX NM Split this function into a separate versions per circuit type? */
 tor_assert(circ);
+ tor_assert(payload_len <= RELAY_PAYLOAD_SIZE);
 memset(&cell, 0, sizeof(cell_t));
 cell.command = CELL_RELAY;
@@ -493,10 +494,8 @@ relay_send_command_from_edge(uint16_t stream_id, circuit_t *circ,
 rh.stream_id = stream_id;
 rh.length = payload_len;
 relay_header_pack(cell.payload, &rh);
- if (payload_len) {
- tor_assert(payload_len <= RELAY_PAYLOAD_SIZE);
+ if (payload_len)
 memcpy(cell.payload+RELAY_HEADER_SIZE, payload, payload_len);
- }
 log_debug(LD_OR,"delivering %d cell %s.", relay_command, cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward");
-- cgit v1.2.3
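Review bot: The added `tor_assert(payload_len <= RELAY_PAYLOAD_SIZE);` in the first hunk is now the only bound on both the `rh.length = payload_len` narrowing and the later `memcpy` into `cell.payload`, but nothing at the assert says so and it sits well away from the copy it protects. I would put a comment above it, for example `/* Must stay ahead of rh.length = payload_len and the memcpy into cell.payload; both rely on this bound. */`, so a later reshuffle does not move it back below the assignment. If any caller can pass a length derived from peer-supplied data (not visible here), an assertion turns an oversized value into a process abort, so an explicit check that logs and returns an error may be the better guard. The body of relay_send_command_from_edge starts and ends outside the hunk, so its return convention needs confirming before making that change.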
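Review bot: In the second hunk the `memcpy` still dereferences `payload` whenever `payload_len` is non-zero, and no visible line checks the pointer, so a NULL `payload` with a non-zero length reaches the copy. A matching precondition next to the length assert would cover it: `tor_assert(payload || payload_len == 0);`. Separately, dropping the braces leaves `if (payload_len)` guarding a single unbraced statement; keeping `{ ... }` around the `memcpy` costs two lines and stops a later added statement from silently falling outside the guard. The function continues past the end of the hunk, so checks elsewhere in the body may already cover the pointer.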