diff options
| author | Nick Mathewson <nickm@torproject.org> | 2011-01-12 12:42:40 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2011-01-12 12:42:40 -0500 |
| commit | 1e37d8678a7f0a066886a74b0b57bce121d370b1 (patch) | |
| tree | 5e117fc741bc6e4b8e1bbe51e4a3e71435d78a10 | |
| parent | 597433bcec3cc8270dec810fe82d8accc85931ef (diff) | |
| parent | f4756051feb2ee57fbe3b5e285b012a922fef6c3 (diff) | |
| download | tor-1e37d8678a7f0a066886a74b0b57bce121d370b1.tar.gz tor-1e37d8678a7f0a066886a74b0b57bce121d370b1.zip | |
Merge branch 'bug2331' into maint-0.2.2
| -rw-r--r-- | changes/bug2331 | 7 | ||||
| -rw-r--r-- | src/common/crypto.c | 10 |
2 files changed, 13 insertions, 4 deletions
diff --git a/changes/bug2331 b/changes/bug2331 new file mode 100644 index 0000000000..9940b591cb --- /dev/null +++ b/changes/bug2331 @@ -0,0 +1,7 @@ + o Minor bugfixes: + - Add assertions to check for overflow in arguments to + base32_encode and base32_decode; fix a signed-unsigned + comparison there too. These bugs are not actually reachable in + Tor, but it's good to prevent future errors too. Found by + doorss. + diff --git a/src/common/crypto.c b/src/common/crypto.c index 65162618a3..e47fa5602c 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -2412,9 +2412,10 @@ digest256_from_base64(char *digest, const char *d64) void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen) { - unsigned int i, bit, v, u; - size_t nbits = srclen * 8; + unsigned int i, v, u; + size_t nbits = srclen * 8, bit; + tor_assert(srclen < SIZE_T_CEILING/8); tor_assert((nbits%5) == 0); /* We need an even multiple of 5 bits. */ tor_assert((nbits/5)+1 <= destlen); /* We need enough space. */ tor_assert(destlen < SIZE_T_CEILING); @@ -2438,11 +2439,12 @@ base32_decode(char *dest, size_t destlen, const char *src, size_t srclen) { /* XXXX we might want to rewrite this along the lines of base64_decode, if * it ever shows up in the profile. */ - unsigned int i, j, bit; - size_t nbits; + unsigned int i; + size_t nbits, j, bit; char *tmp; nbits = srclen * 5; + tor_assert(srclen < SIZE_T_CEILING / 5); tor_assert((nbits%8) == 0); /* We need an even multiple of 8 bits. */ tor_assert((nbits/8) <= destlen); /* We need enough space. */ tor_assert(destlen < SIZE_T_CEILING); |