summaryrefslogtreecommitdiff
path: root/src/or
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2009-03-03 18:02:36 +0000
committerNick Mathewson <nickm@torproject.org>2009-03-03 18:02:36 +0000
commitcbbc0c9c8615d4541d99a0e3ff2027b878893888 (patch)
tree2e0ed8a31c2793cba8d1eeb6813e77610d5670d1 /src/or
parent26d83fc04c66d2c592ff64b62830c171266b4f75 (diff)
downloadtor-cbbc0c9c8615d4541d99a0e3ff2027b878893888.tar.gz
tor-cbbc0c9c8615d4541d99a0e3ff2027b878893888.zip
Actually use tor_sscanf() to parse untrusted input.
svn:r18761
Diffstat (limited to 'src/or')
-rw-r--r--src/or/directory.c4
-rw-r--r--src/or/test.c5
2 files changed, 7 insertions, 2 deletions
diff --git a/src/or/directory.c b/src/or/directory.c
index 6fac10dd7d..efccb1ef42 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -1247,7 +1247,7 @@ int
parse_http_response(const char *headers, int *code, time_t *date,
compress_method_t *compression, char **reason)
{
- int n1, n2;
+ unsigned n1, n2;
char datestr[RFC1123_TIME_LEN+1];
smartlist_t *parsed_headers;
tor_assert(headers);
@@ -1255,7 +1255,7 @@ parse_http_response(const char *headers, int *code, time_t *date,
while (TOR_ISSPACE(*headers)) headers++; /* tolerate leading whitespace */
- if (sscanf(headers, "HTTP/1.%d %d", &n1, &n2) < 2 ||
+ if (tor_sscanf(headers, "HTTP/1.%u %u", &n1, &n2) < 2 ||
(n1 != 0 && n1 != 1) ||
(n2 < 100 || n2 >= 600)) {
log_warn(LD_HTTP,"Failed to parse header %s",escaped(headers));
diff --git a/src/or/test.c b/src/or/test.c
index 46f717e893..ff05b1dafb 100644
--- a/src/or/test.c
+++ b/src/or/test.c
@@ -2796,6 +2796,11 @@ test_util_sscanf(void)
test_eq(u1, 12u);
test_eq(u2, 3u);
test_eq(u3, 99u);
+
+ r = tor_sscanf("99% fresh", "%3u%% fresh", &u1); /* percents are scannable.*/
+ test_eq(r, 1);
+ test_eq(u1, 99);
+
r = tor_sscanf("hello", "%s", s1); /* %s needs a number. */
test_eq(r, -1);
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion