diff options
| author | Nick Mathewson <nickm@torproject.org> | 2015-11-30 22:03:00 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2015-11-30 22:03:00 -0500 |
| commit | ee5337e90497e31c1ef18630c4f089e70bda5269 (patch) | |
| tree | c82b6173a8738dfb757e8ee63e9360a81e0894c2 | |
| parent | 7ff18cc1b64e4a119ec3b46102c897f3ca7107f8 (diff) | |
| parent | e408aa3b24bad2f697254d197e43c735755b962f (diff) | |
| download | tor-ee5337e90497e31c1ef18630c4f089e70bda5269.tar.gz tor-ee5337e90497e31c1ef18630c4f089e70bda5269.zip | |
Merge branch 'maint-0.2.7'
| -rw-r--r-- | changes/bug17722 | 3 | ||||
| -rw-r--r-- | src/or/torcert.c | 6 |
2 files changed, 8 insertions, 1 deletions
diff --git a/changes/bug17722 b/changes/bug17722 new file mode 100644 index 0000000000..1b18d4af2b --- /dev/null +++ b/changes/bug17722 @@ -0,0 +1,3 @@ + o Minor bugfixes (code correctness) + - Fix undefined behavior in the tor_cert_checksig function. Fixes bug + 17722; bugfix on tor-0.2.7.2-alpha. diff --git a/src/or/torcert.c b/src/or/torcert.c index 596cd2be31..ef5b4c0c3b 100644 --- a/src/or/torcert.c +++ b/src/or/torcert.c @@ -206,7 +206,11 @@ tor_cert_checksig(tor_cert_t *cert, return -1; } else { cert->sig_ok = 1; - memcpy(cert->signing_key.pubkey, checkable.pubkey->pubkey, 32); + /* Only copy the checkable public key when it is different from the signing + * key of the certificate to avoid undefined behavior. */ + if (cert->signing_key.pubkey != checkable.pubkey->pubkey) { + memcpy(cert->signing_key.pubkey, checkable.pubkey->pubkey, 32); + } cert->cert_valid = 1; return 0; } |