diff options
| author | Nick Mathewson <nickm@torproject.org> | 2018-03-01 16:07:59 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2018-03-01 16:07:59 -0500 |
| commit | d4a758e08373854639af6991ec95836fa7c15ca4 (patch) | |
| tree | b8e3daaa8c18eb3911c86913cf68463a7dc6b2e8 /src/or/protover.c | |
| parent | ac1942ac58d631af036acc97c73dad9d89b23aaf (diff) | |
| parent | c1bb8836ff6b3abe32a17ffb3ae25cfdc770ceb4 (diff) | |
| download | tor-d4a758e08373854639af6991ec95836fa7c15ca4.tar.gz tor-d4a758e08373854639af6991ec95836fa7c15ca4.zip | |
Merge branch 'maint-0.2.9' into maint-0.3.1
Diffstat (limited to 'src/or/protover.c')
| -rw-r--r-- | src/or/protover.c | 35 |
1 files changed, 29 insertions, 6 deletions
diff --git a/src/or/protover.c b/src/or/protover.c index 033e9063ac..45f0377d61 100644 --- a/src/or/protover.c +++ b/src/or/protover.c @@ -103,6 +103,9 @@ proto_entry_free(proto_entry_t *entry) tor_free(entry); } +/** The largest possible protocol version. */ +#define MAX_PROTOCOL_VERSION (UINT32_MAX-1) + /** * Given a string <b>s</b> and optional end-of-string pointer * <b>end_of_range</b>, parse the protocol range and store it in @@ -123,9 +126,14 @@ parse_version_range(const char *s, const char *end_of_range, if (BUG(!end_of_range)) end_of_range = s + strlen(s); // LCOV_EXCL_LINE + /* A range must start with a digit. */ + if (!TOR_ISDIGIT(*s)) { + goto error; + } + /* Note that this wouldn't be safe if we didn't know that eventually, * we'd hit a NUL */ - low = (uint32_t) tor_parse_ulong(s, 10, 0, UINT32_MAX, &ok, &next); + low = (uint32_t) tor_parse_ulong(s, 10, 0, MAX_PROTOCOL_VERSION, &ok, &next); if (!ok) goto error; if (next > end_of_range) @@ -138,13 +146,21 @@ parse_version_range(const char *s, const char *end_of_range, if (*next != '-') goto error; s = next+1; + /* ibid */ - high = (uint32_t) tor_parse_ulong(s, 10, 0, UINT32_MAX, &ok, &next); + if (!TOR_ISDIGIT(*s)) { + goto error; + } + high = (uint32_t) tor_parse_ulong(s, 10, 0, + MAX_PROTOCOL_VERSION, &ok, &next); if (!ok) goto error; if (next != end_of_range) goto error; + if (low > high) + goto error; + done: *high_out = high; *low_out = low; @@ -195,10 +211,6 @@ parse_single_entry(const char *s, const char *end_of_entry) goto error; } - if (range->low > range->high) { - goto error; - } - s = comma; while (*s == ',' && s < end_of_entry) ++s; @@ -554,6 +566,12 @@ protover_compute_vote(const smartlist_t *list_of_proto_strings, // First, parse the inputs and break them into singleton entries. SMARTLIST_FOREACH_BEGIN(list_of_proto_strings, const char *, vote) { smartlist_t *unexpanded = parse_protocol_list(vote); + if (! unexpanded) { + log_warn(LD_NET, "I failed with parsing a protocol list from " + "an authority. The offending string was: %s", + escaped(vote)); + continue; + } smartlist_t *this_vote = expand_protocol_list(unexpanded); if (this_vote == NULL) { log_warn(LD_NET, "When expanding a protocol list from an authority, I " @@ -618,6 +636,11 @@ protover_all_supported(const char *s, char **missing_out) } smartlist_t *entries = parse_protocol_list(s); + if (BUG(entries == NULL)) { + log_warn(LD_NET, "Received an unparseable protocol list %s" + " from the consensus", escaped(s)); + return 1; + } missing = smartlist_new(); |