diff options
author | Nick Mathewson <nickm@torproject.org> | 2018-03-01 16:10:43 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2018-03-01 16:10:43 -0500 |
commit | f7eff2f8c53dacb7c375bbe6bc9cced95103307d (patch) | |
tree | deb81935dbfb88fed884353f3a567ef5261174c4 /src/or/protover.c | |
parent | d489e4847b1ec30cb127ce6db675e2316c1772e3 (diff) | |
parent | d01abb9346bcb7b240b5277551ea75e85dfc160c (diff) | |
download | tor-f7eff2f8c53dacb7c375bbe6bc9cced95103307d.tar.gz tor-f7eff2f8c53dacb7c375bbe6bc9cced95103307d.zip |
Merge branch 'maint-0.3.2' into maint-0.3.3
Diffstat (limited to 'src/or/protover.c')
-rw-r--r-- | src/or/protover.c | 35 |
1 files changed, 29 insertions, 6 deletions
diff --git a/src/or/protover.c b/src/or/protover.c index 41b50df87f..cb168085c6 100644 --- a/src/or/protover.c +++ b/src/or/protover.c @@ -106,6 +106,9 @@ proto_entry_free_(proto_entry_t *entry) tor_free(entry); } +/** The largest possible protocol version. */ +#define MAX_PROTOCOL_VERSION (UINT32_MAX-1) + /** * Given a string <b>s</b> and optional end-of-string pointer * <b>end_of_range</b>, parse the protocol range and store it in @@ -126,9 +129,14 @@ parse_version_range(const char *s, const char *end_of_range, if (BUG(!end_of_range)) end_of_range = s + strlen(s); // LCOV_EXCL_LINE + /* A range must start with a digit. */ + if (!TOR_ISDIGIT(*s)) { + goto error; + } + /* Note that this wouldn't be safe if we didn't know that eventually, * we'd hit a NUL */ - low = (uint32_t) tor_parse_ulong(s, 10, 0, UINT32_MAX, &ok, &next); + low = (uint32_t) tor_parse_ulong(s, 10, 0, MAX_PROTOCOL_VERSION, &ok, &next); if (!ok) goto error; if (next > end_of_range) @@ -141,13 +149,21 @@ parse_version_range(const char *s, const char *end_of_range, if (*next != '-') goto error; s = next+1; + /* ibid */ - high = (uint32_t) tor_parse_ulong(s, 10, 0, UINT32_MAX, &ok, &next); + if (!TOR_ISDIGIT(*s)) { + goto error; + } + high = (uint32_t) tor_parse_ulong(s, 10, 0, + MAX_PROTOCOL_VERSION, &ok, &next); if (!ok) goto error; if (next != end_of_range) goto error; + if (low > high) + goto error; + done: *high_out = high; *low_out = low; @@ -198,10 +214,6 @@ parse_single_entry(const char *s, const char *end_of_entry) goto error; } - if (range->low > range->high) { - goto error; - } - s = comma; while (*s == ',' && s < end_of_entry) ++s; @@ -596,6 +608,12 @@ protover_compute_vote(const smartlist_t *list_of_proto_strings, // First, parse the inputs and break them into singleton entries. SMARTLIST_FOREACH_BEGIN(list_of_proto_strings, const char *, vote) { smartlist_t *unexpanded = parse_protocol_list(vote); + if (! unexpanded) { + log_warn(LD_NET, "I failed with parsing a protocol list from " + "an authority. The offending string was: %s", + escaped(vote)); + continue; + } smartlist_t *this_vote = expand_protocol_list(unexpanded); if (this_vote == NULL) { log_warn(LD_NET, "When expanding a protocol list from an authority, I " @@ -660,6 +678,11 @@ protover_all_supported(const char *s, char **missing_out) } smartlist_t *entries = parse_protocol_list(s); + if (BUG(entries == NULL)) { + log_warn(LD_NET, "Received an unparseable protocol list %s" + " from the consensus", escaped(s)); + return 1; + } missing = smartlist_new(); |