diff options
-rw-r--r-- | changes/bug6827 | 9 | ||||
-rw-r--r-- | src/or/or.h | 7 | ||||
-rw-r--r-- | src/or/routerparse.c | 3 |
3 files changed, 17 insertions, 2 deletions
diff --git a/changes/bug6827 b/changes/bug6827 new file mode 100644 index 0000000000..bf71d2b97c --- /dev/null +++ b/changes/bug6827 @@ -0,0 +1,9 @@ + o Minor bugfixes: + + - Avoid undefined behaviour when parsing the list of supported + rendezvous/introduction protocols in a hidden service + descriptor. Previously, Tor would have confused (as-yet-unused) + protocol version numbers greater than 32 with lower ones on many + platforms. Fixes bug 6827; bugfix on 0.2.0.10-alpha; found by + George Kadianakis. + diff --git a/src/or/or.h b/src/or/or.h index 788179bacc..bb5482bf83 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4292,14 +4292,17 @@ typedef struct rend_intro_point_t { time_t time_expiring; } rend_intro_point_t; +#define REND_PROTOCOL_VERSION_BITMASK_WIDTH 16 + /** Information used to connect to a hidden service. Used on both the * service side and the client side. */ typedef struct rend_service_descriptor_t { crypto_pk_t *pk; /**< This service's public key. */ int version; /**< Version of the descriptor format: 0 or 2. */ time_t timestamp; /**< Time when the descriptor was generated. */ - uint16_t protocols; /**< Bitmask: which rendezvous protocols are supported? - * (We allow bits '0', '1', and '2' to be set.) */ + /** Bitmask: which rendezvous protocols are supported? + * (We allow bits '0', '1', and '2' to be set.) */ + int protocols : REND_PROTOCOL_VERSION_BITMASK_WIDTH; /** List of the service's introduction points. Elements are removed if * introduction attempts fail. */ smartlist_t *intro_nodes; diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 6b94c6bfdd..22f7d78d88 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -4854,6 +4854,9 @@ rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out, 10, 0, INT_MAX, &num_ok, NULL); if (!num_ok) /* It's a string; let's ignore it. */ continue; + if (version >= REND_PROTOCOL_VERSION_BITMASK_WIDTH) + /* Avoid undefined left-shift behaviour. */ + continue; result->protocols |= 1 << version; } SMARTLIST_FOREACH(versions, char *, cp, tor_free(cp)); |