diff options
| author | Nick Mathewson <nickm@torproject.org> | 2019-01-17 13:32:19 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2019-01-17 13:32:19 -0500 |
| commit | f632335feb27b45a3ee5eb64690826bda52467bd (patch) | |
| tree | a60fca8562c6beafcaae1de678fcefaecbeeb26d /src/feature/hs | |
| parent | 22c5ad682cdd2e6a9a2124585302b2335361ab80 (diff) | |
| download | tor-f632335feb27b45a3ee5eb64690826bda52467bd.tar.gz tor-f632335feb27b45a3ee5eb64690826bda52467bd.zip | |
Fix users of base32_decode to check for expected length in return.
Also, when we log about a failure from base32_decode(), we now
say that the length is wrong or that the characters were invalid:
previously we would just say that there were invalid characters.
Follow-up on 28913 work.
Diffstat (limited to 'src/feature/hs')
| -rw-r--r-- | src/feature/hs/hs_client.c | 5 | ||||
| -rw-r--r-- | src/feature/hs/hs_common.c | 3 | ||||
| -rw-r--r-- | src/feature/hs/hs_service.c | 3 |
3 files changed, 8 insertions, 3 deletions
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index dfad216abb..a8a4aa776f 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -1517,7 +1517,10 @@ parse_auth_file_content(const char *client_key_str) auth = tor_malloc_zero(sizeof(hs_client_service_authorization_t)); if (base32_decode((char *) auth->enc_seckey.secret_key, sizeof(auth->enc_seckey.secret_key), - seckey_b32, strlen(seckey_b32)) < 0) { + seckey_b32, strlen(seckey_b32)) != + sizeof(auth->enc_seckey.secret_key)) { + log_warn(LD_REND, "Client authorization encoded base32 private key " + "can't be decoded: %s", seckey_b32); goto err; } strncpy(auth->onion_address, onion_address, HS_SERVICE_ADDR_LEN_BASE32); diff --git a/src/feature/hs/hs_common.c b/src/feature/hs/hs_common.c index 8dbd9485ea..97229ac11e 100644 --- a/src/feature/hs/hs_common.c +++ b/src/feature/hs/hs_common.c @@ -926,7 +926,8 @@ hs_parse_address(const char *address, ed25519_public_key_t *key_out, } /* Decode address so we can extract needed fields. */ - if (base32_decode(decoded, sizeof(decoded), address, strlen(address)) < 0) { + if (base32_decode(decoded, sizeof(decoded), address, strlen(address)) + != sizeof(decoded)) { log_warn(LD_REND, "Service address %s can't be decoded.", escaped_safe_str(address)); goto invalid; diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index 623a239d50..6f6cf01053 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -1179,7 +1179,8 @@ parse_authorized_client(const char *client_key_str) client = tor_malloc_zero(sizeof(hs_service_authorized_client_t)); if (base32_decode((char *) client->client_pk.public_key, sizeof(client->client_pk.public_key), - pubkey_b32, strlen(pubkey_b32)) < 0) { + pubkey_b32, strlen(pubkey_b32)) != + sizeof(client->client_pk.public_key)) { log_warn(LD_REND, "Client authorization public key cannot be decoded: %s", pubkey_b32); goto err; |