mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-14 15:23:27 +01:00
Check key_len in secret_to_key_new()
This bug shouldn't be reachable so long as secret_to_key_len and secret_to_key_make_specifier stay in sync, but we might screw up someday. Found by coverity; this is CID 1241500
This commit is contained in:
parent
801f4d4384
commit
7c52a0555a
@ -392,6 +392,9 @@ secret_to_key_new(uint8_t *buf,
|
|||||||
type = buf[0];
|
type = buf[0];
|
||||||
key_len = secret_to_key_key_len(type);
|
key_len = secret_to_key_key_len(type);
|
||||||
|
|
||||||
|
if (key_len < 0)
|
||||||
|
return key_len;
|
||||||
|
|
||||||
if ((int)buf_len < key_len + spec_len)
|
if ((int)buf_len < key_len + spec_len)
|
||||||
return S2K_TRUNCATED;
|
return S2K_TRUNCATED;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user