summaryrefslogtreecommitdiff
path: root/src/or/protover.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2018-02-01 16:33:52 -0500
committerNick Mathewson <nickm@torproject.org>2018-03-01 16:05:17 -0500
commit65f2eec694f18a64291cc85317b9f22dacc1d8e4 (patch)
tree661e118d2f06c17c02ea0688c27ba424c2bab07e /src/or/protover.c
parentcb92d47deca15c44dd52cad6fc326520648c632e (diff)
downloadtor-65f2eec694f18a64291cc85317b9f22dacc1d8e4.tar.gz
tor-65f2eec694f18a64291cc85317b9f22dacc1d8e4.zip
Correctly handle NULL returns from parse_protocol_list when voting.
In some cases we had checked for it, but in others we had not. One of these cases could have been used to remotely cause denial-of-service against directory authorities while they attempted to vote. Fixes TROVE-2018-001.
Diffstat (limited to 'src/or/protover.c')
-rw-r--r--src/or/protover.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/or/protover.c b/src/or/protover.c
index 98957cabdf..a750774623 100644
--- a/src/or/protover.c
+++ b/src/or/protover.c
@@ -554,6 +554,12 @@ protover_compute_vote(const smartlist_t *list_of_proto_strings,
// First, parse the inputs and break them into singleton entries.
SMARTLIST_FOREACH_BEGIN(list_of_proto_strings, const char *, vote) {
smartlist_t *unexpanded = parse_protocol_list(vote);
+ if (! unexpanded) {
+ log_warn(LD_NET, "I failed with parsing a protocol list from "
+ "an authority. The offending string was: %s",
+ escaped(vote));
+ continue;
+ }
smartlist_t *this_vote = expand_protocol_list(unexpanded);
if (this_vote == NULL) {
log_warn(LD_NET, "When expanding a protocol list from an authority, I "