summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2014-12-22 12:56:35 -0500
committerNick Mathewson <nickm@torproject.org>2014-12-22 12:56:35 -0500
commit47760c7ba5f1c87c945f4a018e3b3da6d127a8b9 (patch)
treefce7d4a6cd8b7865786574b34065fd8158ecb103
parent137982f955b297b41a89086d672baf761825c152 (diff)
downloadtor-47760c7ba5f1c87c945f4a018e3b3da6d127a8b9.tar.gz
tor-47760c7ba5f1c87c945f4a018e3b3da6d127a8b9.zip
When decoding a base-{16,32,64} value, clear the target buffer first
This is a good idea in case the caller stupidly doesn't check the return value from baseX_decode(), and as a workaround for the current inconsistent API of base16_decode. Prevents any fallout from bug 14013.
-rw-r--r--src/common/crypto.c6
-rw-r--r--src/common/util.c3
2 files changed, 9 insertions, 0 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 925beb3529..63276146aa 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -2678,6 +2678,8 @@ base64_decode(char *dest, size_t destlen, const char *src, size_t srclen)
if (destlen > SIZE_T_CEILING)
return -1;
+ memset(dest, 0, destlen);
+
EVP_DecodeInit(&ctx);
EVP_DecodeUpdate(&ctx, (unsigned char*)dest, &len,
(unsigned char*)src, srclen);
@@ -2699,6 +2701,8 @@ base64_decode(char *dest, size_t destlen, const char *src, size_t srclen)
if (destlen > SIZE_T_CEILING)
return -1;
+ memset(dest, 0, destlen);
+
/* Iterate over all the bytes in src. Each one will add 0 or 6 bits to the
* value we're decoding. Accumulate bits in <b>n</b>, and whenever we have
* 24 bits, batch them into 3 bytes and flush those bytes to dest.
@@ -2878,6 +2882,8 @@ base32_decode(char *dest, size_t destlen, const char *src, size_t srclen)
tor_assert((nbits/8) <= destlen); /* We need enough space. */
tor_assert(destlen < SIZE_T_CEILING);
+ memset(dest, 0, destlen);
+
/* Convert base32 encoded chars to the 5-bit values that they represent. */
tmp = tor_malloc_zero(srclen);
for (j = 0; j < srclen; ++j) {
diff --git a/src/common/util.c b/src/common/util.c
index 5eb0f9a69b..036fd2542c 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -1076,6 +1076,9 @@ base16_decode(char *dest, size_t destlen, const char *src, size_t srclen)
return -1;
if (destlen < srclen/2 || destlen > SIZE_T_CEILING)
return -1;
+
+ memset(dest, 0, destlen);
+
end = src+srclen;
while (src<end) {
v1 = hex_decode_digit_(*src);