diff options
author | juga0 <juga@riseup.net> | 2018-06-30 13:56:38 +0000 |
---|---|---|
committer | juga0 <juga@riseup.net> | 2018-07-16 14:43:49 +0000 |
commit | 8164534f4669b2a3de075d1f57176540406be991 (patch) | |
tree | 8c0171bce45bae3799c237d063ec2139de404fb5 | |
parent | 317d930f081936cde6551f1642ddf20983918658 (diff) | |
download | tor-8164534f4669b2a3de075d1f57176540406be991.tar.gz tor-8164534f4669b2a3de075d1f57176540406be991.zip |
Ensure that bw_file_headers is not bigger than max
-rw-r--r-- | src/feature/dirauth/dirvote.c | 23 | ||||
-rw-r--r-- | src/feature/dirauth/dirvote.h | 3 | ||||
-rw-r--r-- | src/feature/dircache/dirserv.c | 8 |
3 files changed, 24 insertions, 10 deletions
diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c index b123f73a41..e3b7016076 100644 --- a/src/feature/dirauth/dirvote.c +++ b/src/feature/dirauth/dirvote.c @@ -254,7 +254,7 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key, /* XXXX Abstraction violation: should be pulling a field out of v3_ns.*/ char *flag_thresholds = dirserv_get_flag_thresholds_line(); char *params; - char *bw_file_headers; + char *bw_file_headers = NULL; authority_cert_t *cert = v3_ns->cert; char *methods = make_consensus_method_list(MIN_SUPPORTED_CONSENSUS_METHOD, @@ -269,11 +269,19 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key, else params = tor_strdup(""); tor_assert(cert); - if (v3_ns->bw_file_headers) - bw_file_headers = smartlist_join_strings(v3_ns->bw_file_headers, " ", 0, - NULL); - else - bw_file_headers = tor_strdup(""); + + if (v3_ns->bw_file_headers) { + if (! BUG(smartlist_len(v3_ns->bw_file_headers) + > MAX_BW_FILE_HEADER_COUNT_IN_VOTE)) { + bw_file_headers = smartlist_join_strings(v3_ns->bw_file_headers, " ", + 0, NULL); + if (BUG(strlen(bw_file_headers) > MAX_BW_FILE_HEADERS_LINE_LEN)) { + /* Free and set to NULL, so the vote header line is empty */ + tor_free(bw_file_headers); + } + } + } + smartlist_add_asprintf(chunks, "network-status-version 3\n" "vote-status %s\n" @@ -309,7 +317,8 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key, voter->contact, shared_random_vote_str ? shared_random_vote_str : "", - bw_file_headers); + bw_file_headers ? + bw_file_headers : ""); tor_free(params); tor_free(flags); diff --git a/src/feature/dirauth/dirvote.h b/src/feature/dirauth/dirvote.h index 7ce8e4a699..979a2be8a6 100644 --- a/src/feature/dirauth/dirvote.h +++ b/src/feature/dirauth/dirvote.h @@ -89,6 +89,9 @@ #define DGV_INCLUDE_PENDING 2 #define DGV_INCLUDE_PREVIOUS 4 +/** Maximum size of a line in a vote. */ +#define MAX_BW_FILE_HEADERS_LINE_LEN 1024 + /* * Public API. Used outside of the dirauth subsystem. * diff --git a/src/feature/dircache/dirserv.c b/src/feature/dircache/dirserv.c index c3ccc3c8ff..411a1a0bd3 100644 --- a/src/feature/dircache/dirserv.c +++ b/src/feature/dircache/dirserv.c @@ -2679,17 +2679,19 @@ dirserv_read_measured_bandwidths(const char *from_file, applied_lines++; /* if the terminator is found, it is the end of header lines, set the * flag but do not store anything */ - } else if (strcmp(line, BW_FILE_TERMINATOR) == 0) + } else if (strcmp(line, BW_FILE_HEADERS_TERMINATOR) == 0) { line_is_after_headers = 1; /* if the line was not a correct relay line nor the terminator and * the end of the header lines has not been detected yet * and it is key_value and bw_file_headers did not reach the maximum * number of headers, * then assume this line is a header and add it to bw_file_headers */ - else if (bw_file_headers && + } else if (bw_file_headers && (line_is_after_headers == 0) && string_is_key_value(LOG_DEBUG, line) && - (smartlist_len(bw_file_headers) < MAX_BW_FILE_HEADERS_LEN)) { + !strchr(line, ' ') && + (smartlist_len(bw_file_headers) + < MAX_BW_FILE_HEADER_COUNT_IN_VOTE)) { line[strlen(line)-1] = '\0'; smartlist_add_strdup(bw_file_headers, line); }; |