Reject Tor versions that contain non-numeric prefixes

strto* and _atoi64 accept +, -, and various whitespace before numeric characters. And permitted whitespace is different between POSIX and Windows. Fixes bug 21507 and part of 21508; bugfix on 0.0.8pre1.
author: teor <teor2345@gmail.com> 2017-02-19 22:38:06 +1100
committer: teor <teor2345@gmail.com> 2017-02-19 22:38:06 +1100
commit: 57154e71aa3b0ff205f2700e97f0ffe4531e1330 (patch)
tree: 60e13a8caddc4cfad3bf62775e41b3e9e2a13407 /src/or/routerparse.c
parent: 67cec7578cab40ce43b54d4dfc1370894b91d28f (diff)
download: tor-57154e71aa3b0ff205f2700e97f0ffe4531e1330.tar.gz
tor-57154e71aa3b0ff205f2700e97f0ffe4531e1330.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 2ee0d2720e..521e237be2 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -5621,6 +5621,8 @@ tor_version_parse(const char *s, tor_version_t *out)
 
 #define NUMBER(m)                               \
   do {                                          \
+    if (!cp || *cp < '0' || *cp > '9')          \
+      return -1;                                \
     out->m = (int)tor_parse_uint64(cp, 10, 0, INT32_MAX, &ok, &eos);    \
     if (!ok)                                    \
       return -1;                                \
author	teor <teor2345@gmail.com>	2017-02-19 22:38:06 +1100
committer	teor <teor2345@gmail.com>	2017-02-19 22:38:06 +1100
commit	57154e71aa3b0ff205f2700e97f0ffe4531e1330 (patch)
tree	60e13a8caddc4cfad3bf62775e41b3e9e2a13407 /src/or/routerparse.c
parent	67cec7578cab40ce43b54d4dfc1370894b91d28f (diff)
download	tor-57154e71aa3b0ff205f2700e97f0ffe4531e1330.tar.gz tor-57154e71aa3b0ff205f2700e97f0ffe4531e1330.zip