diff options
| author | Nick Mathewson <nickm@torproject.org> | 2013-03-15 13:49:04 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2013-04-17 10:45:27 -0400 |
| commit | 0cf2c01dbd9b86d396a55186e0656db33c7929d8 (patch) | |
| tree | 8d3f3d54ba3ec81505642d72f7b9badf57eff79e | |
| parent | acd72d4e3e47c2d81d9f3586d227069b9c87094e (diff) | |
| download | tor-0cf2c01dbd9b86d396a55186e0656db33c7929d8.tar.gz tor-0cf2c01dbd9b86d396a55186e0656db33c7929d8.zip | |
Reject most directory documents with an internal NUL.
(Specifically, we reject all the ones that aren't NUL-terminated,
since a NUL-terminated thing can't have a NUL in the middle.)
Another fix for #8037.
| -rw-r--r-- | changes/bug8037 | 4 | ||||
| -rw-r--r-- | src/or/routerparse.c | 9 |
2 files changed, 12 insertions, 1 deletions
diff --git a/changes/bug8037 b/changes/bug8037 index 5f3c1a3a8f..989745fc39 100644 --- a/changes/bug8037 +++ b/changes/bug8037 @@ -2,3 +2,7 @@ - Correctly store microdescriptors and extrainfo descriptors with an internal NUL byte. Fixes bug 8037; bugfix on 0.2.0.1-alpha. Bug reported by "cypherpunks". + + o Minor features: + - Reject as invalid most directory objects containing a + NUL. Belt-and-suspender fix for bug 8037. diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 23dae382fc..2c345ae113 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -3902,8 +3902,15 @@ tokenize_string(memarea_t *area, tor_assert(area); s = &start; - if (!end) + if (!end) { end = start+strlen(start); + } else { + /* it's only meaningful to check for nuls if we got an end-of-string ptr */ + if (memchr(start, '\0', end-start)) { + log_warn(LD_DIR, "parse error: internal NUL character."); + return -1; + } + } for (i = 0; i < NIL_; ++i) counts[i] = 0; |