mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 15:43:32 +01:00
Merge remote-tracking branch 'dgoulet/bug19066_029_01'
This commit is contained in:
commit
2a884926c0
5
changes/bug19066
Normal file
5
changes/bug19066
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
o Minor bugfixes (directory authority):
|
||||||
|
- When parsing detached signature, make sure we use the length of the
|
||||||
|
digest algorithm instead of an hardcoded DIGEST256_LEN in order to
|
||||||
|
avoid comparing bytes out of bound with a smaller digest length such
|
||||||
|
as SHA1. Fixes #19066; bugfix on tor-0.2.2.6-alpha.
|
@ -3508,7 +3508,7 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
|
|||||||
digest_algorithm_t alg;
|
digest_algorithm_t alg;
|
||||||
const char *flavor;
|
const char *flavor;
|
||||||
const char *hexdigest;
|
const char *hexdigest;
|
||||||
size_t expected_length;
|
size_t expected_length, digest_length;
|
||||||
|
|
||||||
tok = _tok;
|
tok = _tok;
|
||||||
|
|
||||||
@ -3533,6 +3533,8 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
|
|||||||
|
|
||||||
expected_length =
|
expected_length =
|
||||||
(alg == DIGEST_SHA1) ? HEX_DIGEST_LEN : HEX_DIGEST256_LEN;
|
(alg == DIGEST_SHA1) ? HEX_DIGEST_LEN : HEX_DIGEST256_LEN;
|
||||||
|
digest_length =
|
||||||
|
(alg == DIGEST_SHA1) ? DIGEST_LEN : DIGEST256_LEN;
|
||||||
|
|
||||||
if (strlen(hexdigest) != expected_length) {
|
if (strlen(hexdigest) != expected_length) {
|
||||||
log_warn(LD_DIR, "Wrong length on consensus-digest in detached "
|
log_warn(LD_DIR, "Wrong length on consensus-digest in detached "
|
||||||
@ -3541,12 +3543,12 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
|
|||||||
}
|
}
|
||||||
digests = detached_get_digests(sigs, flavor);
|
digests = detached_get_digests(sigs, flavor);
|
||||||
tor_assert(digests);
|
tor_assert(digests);
|
||||||
if (!tor_mem_is_zero(digests->d[alg], DIGEST256_LEN)) {
|
if (!tor_mem_is_zero(digests->d[alg], digest_length)) {
|
||||||
log_warn(LD_DIR, "Multiple digests for %s with %s on detached "
|
log_warn(LD_DIR, "Multiple digests for %s with %s on detached "
|
||||||
"signatures document", flavor, algname);
|
"signatures document", flavor, algname);
|
||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
if (base16_decode(digests->d[alg], DIGEST256_LEN,
|
if (base16_decode(digests->d[alg], digest_length,
|
||||||
hexdigest, strlen(hexdigest)) < 0) {
|
hexdigest, strlen(hexdigest)) < 0) {
|
||||||
log_warn(LD_DIR, "Bad encoding on consensus-digest in detached "
|
log_warn(LD_DIR, "Bad encoding on consensus-digest in detached "
|
||||||
"networkstatus signatures");
|
"networkstatus signatures");
|
||||||
|
Loading…
Reference in New Issue
Block a user