author | Nick Mathewson <nickm@torproject.org> | 2015-06-22 13:51:56 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2015-06-22 13:51:56 -0400 |
commit | e0b7598833238766b157f8eb799f448dac4c1283 (patch) | |
tree | 454d8d79c9cdd25093f63eeb0db9899cbdd8142c /src/or | |
parent | c8cb55659acca96530a1d7f54bb96cac84626e17 (diff) | |
Repair breakage in early-error case of microdesc parsing
When I fixed #11243, I made it so we would take the digest of a
descriptor before tokenizing it, so we could desist from download
attempts if parsing failed. But when I did that, I didn't remove an
assertion that the descriptor began with "onion-key". Usually, this
was enforced by "find_start_of_next_microdescriptor", but when
find_start_of_next_microdescriptor returned NULL, the assertion was
triggered.
Fixes bug 16400. Thanks to torkeln for reporting and
cypherpunks_backup for diagnosing and writing the first fix here.
Diffstat (limited to 'src/or')
-rw-r--r-- | src/or/routerparse.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 9c6651292c..dcf419798a 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -1,4 +1,4 @@ -/* Copyright (c) 2001 Matej Pfajfar. + /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. * Copyright (c) 2007-2015, The Tor Project, Inc. */ @@ -4165,7 +4165,10 @@ microdescs_parse_from_string(const char *s, const char *eos, { const char *cp = tor_memstr(s, start_of_next_microdesc-s, "onion-key"); - tor_assert(cp); + const int no_onion_key = (cp == NULL); + if (no_onion_key) { + cp = s; /* So that we have *some* junk to put in the body */ + } md->bodylen = start_of_next_microdesc - cp; md->saved_location = where; @@ -4174,8 +4177,13 @@ microdescs_parse_from_string(const char *s, const char *eos, else md->body = (char*)cp; md->off = cp - start; + crypto_digest256(md->digest, md->body, md->bodylen, DIGEST_SHA256); + if (no_onion_key) { + log_fn(LOG_PROTOCOL_WARN, LD_DIR, "Malformed or truncated descriptor"); + goto next; + } } - crypto_digest256(md->digest, md->body, md->bodylen, DIGEST_SHA256); + if (tokenize_string(area, s, start_of_next_microdesc, tokens, microdesc_token_table, flags)) { |
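Review bot: In the first hunk (@@ -1,4 +1,4 @@) the only visible change to the copyright line is a leading space before `/* Copyright (c) 2001 Matej Pfajfar.`, which has nothing to do with the bug 16400 fix and looks accidental. Drop this hunk so the commit touches only microdescs_parse_from_string.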
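Review bot: In the second hunk (@@ -4165,7 +4165,10 @@) the fallback `cp = s` means `md->bodylen = start_of_next_microdesc - cp` now covers everything from `s`, so the digest for a malformed entry is taken over a different span than for a well-formed one, which starts at "onion-key". The comment "So that we have *some* junk to put in the body" does not say this; expand it to state that the body exists only to give the failure path a digest and is never parsed. The subtraction also relies on `start_of_next_microdesc` being a valid pointer at or after `s` when find_start_of_next_microdescriptor found nothing; that assignment is outside the hunk, so a one-line comment naming the invariant would help.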
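Review bot: In the third hunk (@@ -4174,8 +4177,13 @@) the `goto next` is taken after `md->body` has been assigned and `crypto_digest256` has filled `md->digest`, so the `next` label (not shown here) has to release `md` and make the digest available to the caller as a failed entry; please confirm that and note it in a comment at the `goto`. The diffstat shows only src/or/routerparse.c changed, so the fix has no regression test: add one that passes microdescs_parse_from_string input with no "onion-key" line, the case that hit the assertion. The warning text "Malformed or truncated descriptor" could also say that it is a microdescriptor missing "onion-key", which would make the log line easier to act on.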