Fix a heap overflow found by debuger, and make it harder to make that mistake again

Our public key functions assumed that they were always writing into a large enough buffer. In one case, they weren't. (Incorporates fixes from sebastian)
author: Nick Mathewson <nickm@torproject.org> 2011-01-13 14:36:41 -0500
committer: Nick Mathewson <nickm@torproject.org> 2011-01-15 11:49:25 -0500
commit: 115782bdbe42e4b3d5cb386d2939a883bc381d12 (patch)
tree: facebd78bfcd426d3404999e5237c502fb34ebaa /src/or/routerlist.c
parent: a16902b9d4b0a912eb0a252bb945cbeaaa40dacb (diff)
download: tor-115782bdbe42e4b3d5cb386d2939a883bc381d12.tar.gz
tor-115782bdbe42e4b3d5cb386d2939a883bc381d12.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index c6c84a877d..7c8e36e402 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -4676,7 +4676,8 @@ routerinfo_incompatible_with_extrainfo(routerinfo_t *ri, extrainfo_t *ei,
 
   if (ei->pending_sig) {
     char signed_digest[128];
-    if (crypto_pk_public_checksig(ri->identity_pkey, signed_digest,
+    if (crypto_pk_public_checksig(ri->identity_pkey,
+                       signed_digest, sizeof(signed_digest),
                        ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
         memcmp(signed_digest, ei->cache_info.signed_descriptor_digest,
                DIGEST_LEN)) {
author	Nick Mathewson <nickm@torproject.org>	2011-01-13 14:36:41 -0500
committer	Nick Mathewson <nickm@torproject.org>	2011-01-15 11:49:25 -0500
commit	115782bdbe42e4b3d5cb386d2939a883bc381d12 (patch)
tree	facebd78bfcd426d3404999e5237c502fb34ebaa /src/or/routerlist.c
parent	a16902b9d4b0a912eb0a252bb945cbeaaa40dacb (diff)
download	tor-115782bdbe42e4b3d5cb386d2939a883bc381d12.tar.gz tor-115782bdbe42e4b3d5cb386d2939a883bc381d12.zip