diff options
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | src/or/routerparse.c | 25 | ||||
-rw-r--r-- | src/or/test.c | 4 |
3 files changed, 19 insertions, 12 deletions
@@ -54,6 +54,8 @@ Changes in version 0.2.1.7-alpha - 2008-11-xx addresses. Possible fix for bug 845 and bug 811. - Make the assert_circuit_ok() function work correctly on circuits that have already been marked for close. + - Fix read-off-the-end-of-string error in unit tests when decoding + introduction points. Changes in version 0.2.1.6-alpha - 2008-09-30 diff --git a/src/or/routerparse.c b/src/or/routerparse.c index c6b7454966..d093b72220 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -3671,7 +3671,7 @@ rend_decrypt_introduction_points(char **ipos_decrypted, crypto_free_cipher_env(cipher); cipher = crypto_create_init_cipher(session_key, 0); len = ipos_encrypted_size - 2 - client_entries_len - CIPHER_IV_LEN; - dec = tor_malloc_zero(len); + dec = tor_malloc(len); declen = crypto_cipher_decrypt_with_iv(cipher, dec, len, ipos_encrypted + 2 + client_entries_len, ipos_encrypted_size - 2 - client_entries_len); @@ -3681,7 +3681,7 @@ rend_decrypt_introduction_points(char **ipos_decrypted, tor_free(dec); return -1; } - if (strcmpstart(dec, "introduction-point ")) { + if (memcmpstart(dec, declen, "introduction-point ")) { log_warn(LD_REND, "Decrypted introduction points don't " "look like we could parse them."); tor_free(dec); @@ -3731,7 +3731,7 @@ rend_parse_introduction_points(rend_service_descriptor_t *parsed, const char *intro_points_encoded, size_t intro_points_encoded_size) { - const char **current_ipo; + const char *current_ipo, *end_of_intro_points; smartlist_t *tokens; directory_token_t *tok; rend_intro_point_t *intro; @@ -3744,28 +3744,33 @@ rend_parse_introduction_points(rend_service_descriptor_t *parsed, tor_assert(intro_points_encoded); tor_assert(intro_points_encoded_size > 0); /* Consider one intro point after the other. */ - current_ipo = &intro_points_encoded; + current_ipo = intro_points_encoded; + end_of_intro_points = intro_points_encoded + intro_points_encoded_size; tokens = smartlist_create(); parsed->intro_nodes = smartlist_create(); area = memarea_new(4096); - while (!strcmpstart(*current_ipo, "introduction-point ")) { + + while (!memcmpstart(current_ipo, end_of_intro_points-current_ipo, + "introduction-point ")) { /* Determine end of string. */ - const char *eos = strstr(*current_ipo, "\nintroduction-point "); + const char *eos = tor_memstr(current_ipo, end_of_intro_points-current_ipo, + "\nintroduction-point "); if (!eos) - eos = *current_ipo+strlen(*current_ipo); + eos = end_of_intro_points; else eos = eos+1; + tor_assert(eos <= intro_points_encoded+intro_points_encoded_size); /* Free tokens and clear token list. */ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t)); smartlist_clear(tokens); memarea_clear(area); /* Tokenize string. */ - if (tokenize_string(area, *current_ipo, eos, tokens, ipo_token_table, 0)) { - log_warn(LD_REND, "Error tokenizing introduction point."); + if (tokenize_string(area, current_ipo, eos, tokens, ipo_token_table, 0)) { + log_warn(LD_REND, "Error tokenizing introduction point"); goto err; } /* Advance to next introduction point, if available. */ - *current_ipo = eos; + current_ipo = eos; /* Check minimum allowed length of introduction point. */ if (smartlist_len(tokens) < 5) { log_warn(LD_REND, "Impossibly short introduction point."); diff --git a/src/or/test.c b/src/or/test.c index cf142d279a..c90a35db0b 100644 --- a/src/or/test.c +++ b/src/or/test.c @@ -4262,8 +4262,8 @@ test_rend_fns_v2(void) test_assert(parsed); test_memeq(((rend_encoded_v2_service_descriptor_t *) smartlist_get(descs, 0))->desc_id, parsed_desc_id, DIGEST_LEN); - test_assert(rend_parse_introduction_points(parsed, intro_points_encrypted, - intro_points_size) == 3); + test_eq(rend_parse_introduction_points(parsed, intro_points_encrypted, + intro_points_size), 3); test_assert(!crypto_pk_cmp_keys(generated->pk, parsed->pk)); test_eq(parsed->timestamp, now); test_eq(parsed->version, 2); |