Reject votes (not consensuses) with >64 known-flags

Our flag voting code needs to handle unrecognized flags, so it stores them in a 64-bit bitfield. But we never actually checked for too many flags, so we were potentially doing stuff like U64_LITERAL(1)<<flagnum with flagnum >= 64. That's undefined behavior. Fix for bug 6833; bugfix on 0.2.0.1-alpha.
author: Nick Mathewson <nickm@torproject.org> 2012-09-13 11:45:05 -0400
committer: Nick Mathewson <nickm@torproject.org> 2012-09-13 11:45:05 -0400
commit: c8b98ba41ce37662cf14fdb3c6a74ae83b8b0bf8 (patch)
tree: 31a16ace0d585fb8491e4d3edf9be00f8a578ef0 /src/or/routerparse.c
parent: 582f2187a769ea723f6bf13bc91f7a4b3c861408 (diff)
download: tor-c8b98ba41ce37662cf14fdb3c6a74ae83b8b0bf8.tar.gz
tor-c8b98ba41ce37662cf14fdb3c6a74ae83b8b0bf8.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 22f7d78d88..496b90d4ad 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -3004,6 +3004,11 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out,
     log_warn(LD_DIR, "known-flags not in order");
     goto err;
   }
+  if (ns->type != NS_TYPE_CONSENSUS &&
+      smartlist_len(ns->known_flags) > MAX_KNOWN_FLAGS_IN_VOTE) {
+    log_warn(LD_DIR, "Too many known-flags in consensus vote or opinion");
+    goto err;
+  }
 
   tok = find_opt_by_keyword(tokens, K_PARAMS);
   if (tok) {
author	Nick Mathewson <nickm@torproject.org>	2012-09-13 11:45:05 -0400
committer	Nick Mathewson <nickm@torproject.org>	2012-09-13 11:45:05 -0400
commit	c8b98ba41ce37662cf14fdb3c6a74ae83b8b0bf8 (patch)
tree	31a16ace0d585fb8491e4d3edf9be00f8a578ef0 /src/or/routerparse.c
parent	582f2187a769ea723f6bf13bc91f7a4b3c861408 (diff)
download	tor-c8b98ba41ce37662cf14fdb3c6a74ae83b8b0bf8.tar.gz tor-c8b98ba41ce37662cf14fdb3c6a74ae83b8b0bf8.zip