From f2ddfdd50e52f9a6aa4afafccb5ad5e04f79e2cc Mon Sep 17 00:00:00 2001
From: trinity-1686a
Date: Wed, 15 Nov 2023 02:01:34 +0100
Subject: add sanity check in tor_memmem it's believed most libc already have those, but just in case, it can't hurt
---
 src/lib/string/util_string.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/src/lib/string/util_string.c b/src/lib/string/util_string.c
index b1c0a11439..60b5933e4d 100644
--- a/src/lib/string/util_string.c
+++ b/src/lib/string/util_string.c
@@ -31,6 +31,8 @@ tor_memmem(const void *_haystack, size_t hlen,
 {
 #if defined(HAVE_MEMMEM) && (!defined(__GNUC__) || __GNUC__ >= 2)
 raw_assert(nlen);
+ if (nlen > hlen)
+ return NULL;
 return memmem(_haystack, hlen, _needle, nlen);
 #else
 /* This isn't as fast as the GLIBC implementation, but it doesn't need to
-- 
cgit v1.2.3-54-g00ecf
From 0be627890cf43528cee90c0d216984279187922d Mon Sep 17 00:00:00 2001
From: trinity-1686a
Date: Tue, 21 Nov 2023 00:22:51 +0100
Subject: add changes file for sanity check on memmem
---
 changes/ticket40854 | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 changes/ticket40854
diff --git a/changes/ticket40854 b/changes/ticket40854
new file mode 100644
index 0000000000..1a5850cca0
--- /dev/null
+++ b/changes/ticket40854
@@ -0,0 +1,3 @@
+ o Minor feature (defense in depth):
+ - verify needle is smaller than haystack before calling memmem.
+ Closes ticket 40854.
-- 
cgit v1.2.3-54-g00ecf
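Review bot: The new `if (nlen > hlen) return NULL;` guard in the HAVE_MEMMEM branch of tor_memmem has no comment explaining why it sits in front of a libc call that is expected to handle this case itself, so a later cleanup could drop it as redundant. I would put `/* Defense in depth: do not rely on the platform memmem() to reject a needle longer than the haystack. */` directly above it. The function starts before the hunk and its `#else` fallback continues past it, so it cannot be seen here whether the fallback returns NULL for the same input; the two branches should agree. A unit test calling tor_memmem with nlen one larger than hlen and expecting NULL would pin that behaviour on both build configurations.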