summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2017-02-15 07:57:34 -0500
committerNick Mathewson <nickm@torproject.org>2017-02-15 07:57:34 -0500
commitcb6b3b7cadb641b648577e5d5536735222cc68da (patch)
tree56feb925e6e3e50cd2d27499538732100f5c4b76
parenta1c3b391de98e73528d042a8b4c9d804b6d5bf57 (diff)
downloadtor-cb6b3b7cadb641b648577e5d5536735222cc68da.tar.gz
tor-cb6b3b7cadb641b648577e5d5536735222cc68da.zip
Limit version numbers to 0...INT32_MAX.
Closes 21450; patch from teor.
Diffstat
-rw-r--r--changes/bug214504
-rw-r--r--src/or/routerparse.c5
2 files changed, 8 insertions, 1 deletions
diff --git a/changes/bug21450 b/changes/bug21450
new file mode 100644
index 0000000000..a1cf89ab41
--- /dev/null
+++ b/changes/bug21450
@@ -0,0 +1,4 @@
+ o Minor bugfixes (voting consistency):
+ - Reject version numbers with components that exceed INT32_MAX.
+ Otherwise 32-bit and 64-bit platforms would behave inconsistently.
+ Fixes bug 21450; bugfix on 0.0.8pre1.
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index a896dde2b3..c325412e39 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -5605,6 +5605,7 @@ tor_version_parse(const char *s, tor_version_t *out)
{
char *eos=NULL;
const char *cp=NULL;
+ int ok = 1;
/* Format is:
* "Tor " ? NUM dot NUM [ dot NUM [ ( pre | rc | dot ) NUM ] ] [ - tag ]
*/
@@ -5620,7 +5621,9 @@ tor_version_parse(const char *s, tor_version_t *out)
#define NUMBER(m) \
do { \
- out->m = (int)strtol(cp, &eos, 10); \
+ out->m = (int)tor_parse_uint64(val, 10, 0, INT32_MAX, &ok, &eos); \
+ if (!ok) \
+ return -1; \
if (!eos || eos == cp) \
return -1; \
cp = eos; \
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion