diff options
author | Nick Mathewson <nickm@torproject.org> | 2015-01-29 14:04:57 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2015-01-29 14:09:57 -0500 |
commit | bd630a899a1ff7658a0c52327fa3cce59e7213b4 (patch) | |
tree | 15ba81763548e6a6382e444bc57aff67abf80f6f | |
parent | f935ee2dae5ca026a6bf81cc403bc50ae92bdd70 (diff) | |
download | tor-bd630a899a1ff7658a0c52327fa3cce59e7213b4.tar.gz tor-bd630a899a1ff7658a0c52327fa3cce59e7213b4.zip |
Correctly reject packages lines with empty entries
-rw-r--r-- | src/or/dirserv.c | 42 | ||||
-rw-r--r-- | src/test/test_dir.c | 7 |
2 files changed, 36 insertions, 13 deletions
diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 3785d9adee..5c59fc7a5e 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -3300,22 +3300,38 @@ validate_recommended_package_line(const char *line) WORD(); /* Skip URL */ ++cp; - /* Skip digestname=digestval + */ - int foundeq = 0; - while (*cp) { - if (*cp == ' ') { - if (!foundeq) - return 0; - foundeq = 0; - } else if (*cp == '=') { - if (++foundeq > 1) - return 0; - } - ++cp; + /* Skip digesttype=digestval + */ + int n_entries = 0; + while (1) { + const char *start_of_word = cp; + const char *end_of_word = strchr(cp, ' '); + if (! end_of_word) + end_of_word = cp + strlen(cp); + + if (start_of_word == end_of_word) + return 0; + + const char *eq = memchr(start_of_word, '=', end_of_word - start_of_word); + + if (!eq) + return 0; + if (eq == start_of_word) + return 0; + if (eq == end_of_word - 1) + return 0; + if (memchr(eq+1, '=', end_of_word - (eq+1))) + return 0; + + ++n_entries; + if (0 == *end_of_word) + break; + + cp = end_of_word + 1; } - if (!foundeq) + if (n_entries == 0) return 0; + return 1; } diff --git a/src/test/test_dir.c b/src/test/test_dir.c index 7d3d41401d..efc3ec7940 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -2961,6 +2961,13 @@ test_dir_packages(void *arg) BAD("tor "); BAD("tor"); BAD(""); + BAD("=foobar sha256=" + "3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7"); + BAD("= = sha256=" + "3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7"); + + BAD("sha512= sha256=" + "3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7"); votes = smartlist_new(); smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t))); |