nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 05:03:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add constness to length variables in tor_tls_cert_matches_key.

Browse Source 
We add constness to `peer_info_orig_len` and `cert_info_orig_len` in
`tor_tls_cert_matches_key` to ensure that we don't accidentally alter
the variables.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
This commit is contained in:
Alexander Færøy 2020-05-16 15:34:37 +00:00 committed by Nick Mathewson
parent b46984e97e
commit 06f1e959c2
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/lib/tls/tortls_nss.c
View File

@ -739,8 +739,8 @@ tor_tls_cert_matches_key,(const tor_tls_t *tls,
* in seckey.c in the NSS source tree. This function also does the conversion * in seckey.c in the NSS source tree. This function also does the conversion
* between bits and bytes. * between bits and bytes.
*/ */
unsigned int peer_info_orig_len = peer_info->subjectPublicKey.len; const unsigned int peer_info_orig_len = peer_info->subjectPublicKey.len;
unsigned int cert_info_orig_len = cert_info->subjectPublicKey.len; const unsigned int cert_info_orig_len = cert_info->subjectPublicKey.len;
peer_info->subjectPublicKey.len = (peer_info_orig_len >> 3); peer_info->subjectPublicKey.len = (peer_info_orig_len >> 3);
cert_info->subjectPublicKey.len = (cert_info_orig_len >> 3); cert_info->subjectPublicKey.len = (cert_info_orig_len >> 3);