diff options
| author | Dan Rosenberg <dan.j.rosenberg@gmail.com> | 2011-11-06 17:23:14 +0100 |
|---|---|---|
| committer | Sebastian Hahn <sebastian@torproject.org> | 2011-11-06 17:23:14 +0100 |
| commit | d5161ab895b9c14a66a08fb38521dd12c0772a97 (patch) | |
| tree | 41e5a6470c540e20403b5562806739b8083b57ba | |
| parent | 5d3095152efb5c8f0d887be0bccdb154ded40a91 (diff) | |
| download | tor-d5161ab895b9c14a66a08fb38521dd12c0772a97.tar.gz tor-d5161ab895b9c14a66a08fb38521dd12c0772a97.zip | |
Fix remotely triggerable assert during ip decryption
Fixes bug 4410.
| -rw-r--r-- | src/or/routerparse.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 19f9e38a9a..843fc79c82 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -3858,6 +3858,11 @@ rend_decrypt_introduction_points(char **ipos_decrypted, crypto_cipher_env_t *cipher; char *dec; int declen; + if (ipos_encrypted_size < CIPHER_IV_LEN + 2) { + log_warn(LD_REND, "Size of encrypted introduction points is too " + "small."); + return -1; + } dec = tor_malloc_zero(ipos_encrypted_size - CIPHER_IV_LEN - 1); cipher = crypto_create_init_cipher(descriptor_cookie, 0); declen = crypto_cipher_decrypt_with_iv(cipher, dec, |