aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2015-01-29 14:04:57 -0500
committerNick Mathewson <nickm@torproject.org>2015-01-29 14:09:57 -0500
commitbd630a899a1ff7658a0c52327fa3cce59e7213b4 (patch)
tree15ba81763548e6a6382e444bc57aff67abf80f6f /src
parentf935ee2dae5ca026a6bf81cc403bc50ae92bdd70 (diff)
downloadtor-bd630a899a1ff7658a0c52327fa3cce59e7213b4.tar.gz
tor-bd630a899a1ff7658a0c52327fa3cce59e7213b4.zip
Correctly reject packages lines with empty entries
Diffstat (limited to 'src')
-rw-r--r--src/or/dirserv.c42
-rw-r--r--src/test/test_dir.c7
2 files changed, 36 insertions, 13 deletions
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 3785d9adee..5c59fc7a5e 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -3300,22 +3300,38 @@ validate_recommended_package_line(const char *line)
WORD(); /* Skip URL */
++cp;
- /* Skip digestname=digestval + */
- int foundeq = 0;
- while (*cp) {
- if (*cp == ' ') {
- if (!foundeq)
- return 0;
- foundeq = 0;
- } else if (*cp == '=') {
- if (++foundeq > 1)
- return 0;
- }
- ++cp;
+ /* Skip digesttype=digestval + */
+ int n_entries = 0;
+ while (1) {
+ const char *start_of_word = cp;
+ const char *end_of_word = strchr(cp, ' ');
+ if (! end_of_word)
+ end_of_word = cp + strlen(cp);
+
+ if (start_of_word == end_of_word)
+ return 0;
+
+ const char *eq = memchr(start_of_word, '=', end_of_word - start_of_word);
+
+ if (!eq)
+ return 0;
+ if (eq == start_of_word)
+ return 0;
+ if (eq == end_of_word - 1)
+ return 0;
+ if (memchr(eq+1, '=', end_of_word - (eq+1)))
+ return 0;
+
+ ++n_entries;
+ if (0 == *end_of_word)
+ break;
+
+ cp = end_of_word + 1;
}
- if (!foundeq)
+ if (n_entries == 0)
return 0;
+
return 1;
}
diff --git a/src/test/test_dir.c b/src/test/test_dir.c
index 7d3d41401d..efc3ec7940 100644
--- a/src/test/test_dir.c
+++ b/src/test/test_dir.c
@@ -2961,6 +2961,13 @@ test_dir_packages(void *arg)
BAD("tor ");
BAD("tor");
BAD("");
+ BAD("=foobar sha256="
+ "3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7");
+ BAD("= = sha256="
+ "3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7");
+
+ BAD("sha512= sha256="
+ "3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7");
votes = smartlist_new();
smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t)));