summaryrefslogtreecommitdiff
path: root/src/or
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@torproject.org>2016-12-16 12:09:22 -0500
committerDavid Goulet <dgoulet@torproject.org>2016-12-16 12:21:07 -0500
commitb0ccb6bfa505dc072c7af87261f6ac04e5e106db (patch)
treea37b2bdb844b6ce14c235d070b51be097b74878a /src/or
parente043b96887be4aaa103de8e4d31f8fc9008ae75d (diff)
downloadtor-b0ccb6bfa505dc072c7af87261f6ac04e5e106db.tar.gz
tor-b0ccb6bfa505dc072c7af87261f6ac04e5e106db.zip
hs: Add an extra safety check on ESTABLISH_INTRO sig len
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/or')
-rw-r--r--src/or/hs_intropoint.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/or/hs_intropoint.c b/src/or/hs_intropoint.c
index bfc7ec3876..7bd80d5c9d 100644
--- a/src/or/hs_intropoint.c
+++ b/src/or/hs_intropoint.c
@@ -70,7 +70,11 @@ verify_establish_intro_cell(const hs_cell_establish_intro_t *cell,
ed25519_signature_t sig_struct;
const uint8_t *sig_array = hs_cell_establish_intro_getconstarray_sig(cell);
- if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig)) {
+ /* Make sure the signature length is of the right size. For EXTRA safety,
+ * we check both the size of the array and the length which must be the
+ * same. Safety first!*/
+ if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig) ||
+ hs_cell_establish_intro_get_sig_len(cell) != sizeof(sig_struct.sig)) {
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
"ESTABLISH_INTRO sig len is invalid");
return -1;