aboutsummaryrefslogtreecommitdiff
path: root/src/feature
diff options
context:
space:
mode:
authorjuga0 <juga@riseup.net>2018-06-30 13:56:38 +0000
committerjuga0 <juga@riseup.net>2018-07-16 14:43:49 +0000
commit8164534f4669b2a3de075d1f57176540406be991 (patch)
tree8c0171bce45bae3799c237d063ec2139de404fb5 /src/feature
parent317d930f081936cde6551f1642ddf20983918658 (diff)
downloadtor-8164534f4669b2a3de075d1f57176540406be991.tar.gz
tor-8164534f4669b2a3de075d1f57176540406be991.zip
Ensure that bw_file_headers is not bigger than max
Diffstat (limited to 'src/feature')
-rw-r--r--src/feature/dirauth/dirvote.c23
-rw-r--r--src/feature/dirauth/dirvote.h3
-rw-r--r--src/feature/dircache/dirserv.c8
3 files changed, 24 insertions, 10 deletions
diff --git a/src/feature/dirauth/dirvote.c b/src/feature/dirauth/dirvote.c
index b123f73a41..e3b7016076 100644
--- a/src/feature/dirauth/dirvote.c
+++ b/src/feature/dirauth/dirvote.c
@@ -254,7 +254,7 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
/* XXXX Abstraction violation: should be pulling a field out of v3_ns.*/
char *flag_thresholds = dirserv_get_flag_thresholds_line();
char *params;
- char *bw_file_headers;
+ char *bw_file_headers = NULL;
authority_cert_t *cert = v3_ns->cert;
char *methods =
make_consensus_method_list(MIN_SUPPORTED_CONSENSUS_METHOD,
@@ -269,11 +269,19 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
else
params = tor_strdup("");
tor_assert(cert);
- if (v3_ns->bw_file_headers)
- bw_file_headers = smartlist_join_strings(v3_ns->bw_file_headers, " ", 0,
- NULL);
- else
- bw_file_headers = tor_strdup("");
+
+ if (v3_ns->bw_file_headers) {
+ if (! BUG(smartlist_len(v3_ns->bw_file_headers)
+ > MAX_BW_FILE_HEADER_COUNT_IN_VOTE)) {
+ bw_file_headers = smartlist_join_strings(v3_ns->bw_file_headers, " ",
+ 0, NULL);
+ if (BUG(strlen(bw_file_headers) > MAX_BW_FILE_HEADERS_LINE_LEN)) {
+ /* Free and set to NULL, so the vote header line is empty */
+ tor_free(bw_file_headers);
+ }
+ }
+ }
+
smartlist_add_asprintf(chunks,
"network-status-version 3\n"
"vote-status %s\n"
@@ -309,7 +317,8 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
voter->contact,
shared_random_vote_str ?
shared_random_vote_str : "",
- bw_file_headers);
+ bw_file_headers ?
+ bw_file_headers : "");
tor_free(params);
tor_free(flags);
diff --git a/src/feature/dirauth/dirvote.h b/src/feature/dirauth/dirvote.h
index 7ce8e4a699..979a2be8a6 100644
--- a/src/feature/dirauth/dirvote.h
+++ b/src/feature/dirauth/dirvote.h
@@ -89,6 +89,9 @@
#define DGV_INCLUDE_PENDING 2
#define DGV_INCLUDE_PREVIOUS 4
+/** Maximum size of a line in a vote. */
+#define MAX_BW_FILE_HEADERS_LINE_LEN 1024
+
/*
* Public API. Used outside of the dirauth subsystem.
*
diff --git a/src/feature/dircache/dirserv.c b/src/feature/dircache/dirserv.c
index c3ccc3c8ff..411a1a0bd3 100644
--- a/src/feature/dircache/dirserv.c
+++ b/src/feature/dircache/dirserv.c
@@ -2679,17 +2679,19 @@ dirserv_read_measured_bandwidths(const char *from_file,
applied_lines++;
/* if the terminator is found, it is the end of header lines, set the
* flag but do not store anything */
- } else if (strcmp(line, BW_FILE_TERMINATOR) == 0)
+ } else if (strcmp(line, BW_FILE_HEADERS_TERMINATOR) == 0) {
line_is_after_headers = 1;
/* if the line was not a correct relay line nor the terminator and
* the end of the header lines has not been detected yet
* and it is key_value and bw_file_headers did not reach the maximum
* number of headers,
* then assume this line is a header and add it to bw_file_headers */
- else if (bw_file_headers &&
+ } else if (bw_file_headers &&
(line_is_after_headers == 0) &&
string_is_key_value(LOG_DEBUG, line) &&
- (smartlist_len(bw_file_headers) < MAX_BW_FILE_HEADERS_LEN)) {
+ !strchr(line, ' ') &&
+ (smartlist_len(bw_file_headers)
+ < MAX_BW_FILE_HEADER_COUNT_IN_VOTE)) {
line[strlen(line)-1] = '\0';
smartlist_add_strdup(bw_file_headers, line);
};