Add function to validate HS descriptor ID

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2024-11-10 21:23:58 +01:00 · 2015-04-21 14:04:39 -04:00 · 2015-04-21 14:04:39 -04:00 · 6f5f38a0bc
commit 6f5f38a0bc
parent a4585405d6
5 changed files with 22 additions and 4 deletions
--- a/src/or/control.c
+++ b/src/or/control.c
@ -3284,7 +3284,7 @@ handle_control_hsfetch(control_connection_t *conn, uint32_t len,
  if (rend_valid_service_id(arg1)) {
    hsaddress = arg1;
  } else if (strcmpstart(arg1, v2_str) == 0 &&
-             strlen(arg1 + v2_str_len) == REND_DESC_ID_V2_LEN_BASE32 &&
+             rend_valid_descriptor_id(arg1 + v2_str_len) &&
             base32_decode(digest, sizeof(digest), arg1 + v2_str_len,
                           REND_DESC_ID_V2_LEN_BASE32) == 0) {
    /* We have a well formed version 2 descriptor ID. Keep the decoded value
--- a/src/or/directory.c
+++ b/src/or/directory.c
@ -3094,7 +3094,7 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
    /* Handle v2 rendezvous descriptor fetch request. */
    const char *descp;
    const char *query = url + strlen("/tor/rendezvous2/");
-    if (strlen(query) == REND_DESC_ID_V2_LEN_BASE32) {
+    if (rend_valid_descriptor_id(query)) {
      log_info(LD_REND, "Got a v2 rendezvous descriptor request for ID '%s'",
               safe_str(escaped(query)));
      switch (rend_cache_lookup_v2_desc_as_dir(query, &descp)) {
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@ -919,6 +919,24 @@ rend_valid_service_id(const char *query)
  return 1;
 }

+/** Return true iff <b>query</b> is a syntactically valid descriptor ID.
+ * (as generated by rend_get_descriptor_id_bytes). */
+int
+rend_valid_descriptor_id(const char *query)
+{
+  if (strlen(query) != REND_DESC_ID_V2_LEN_BASE32) {
+    goto invalid;
+  }
+  if (strspn(query, BASE32_CHARS) != REND_DESC_ID_V2_LEN_BASE32) {
+    goto invalid;
+  }
+
+  return 1;
+
+invalid:
+  return 0;
+}
+
 /** Lookup in the client cache the given service ID <b>query</b> for
 * <b>version</b>.
 *
--- a/src/or/rendcommon.h
+++ b/src/or/rendcommon.h
@ -37,6 +37,7 @@ void rend_cache_clean_v2_descs_as_dir(time_t now, size_t min_to_remove);
 void rend_cache_purge(void);
 void rend_cache_free_all(void);
 int rend_valid_service_id(const char *query);
+int rend_valid_descriptor_id(const char *query);
 int rend_cache_lookup_entry(const char *query, int version,
                            rend_cache_entry_t **entry_out);
 int rend_cache_lookup_v2_desc_as_dir(const char *query, const char **desc);
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@ -4572,8 +4572,7 @@ rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out,
  tok = find_by_keyword(tokens, R_RENDEZVOUS_SERVICE_DESCRIPTOR);
  tor_assert(tok == smartlist_get(tokens, 0));
  tor_assert(tok->n_args == 1);
-  if (strlen(tok->args[0]) != REND_DESC_ID_V2_LEN_BASE32 ||
-      strspn(tok->args[0], BASE32_CHARS) != REND_DESC_ID_V2_LEN_BASE32) {
+  if (!rend_valid_descriptor_id(tok->args[0])) {
    log_warn(LD_REND, "Invalid descriptor ID: '%s'", tok->args[0]);
    goto err;
  }