nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-14 07:03:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Check key_len in secret_to_key_new()

Browse Source 
This bug shouldn't be reachable so long as secret_to_key_len and
secret_to_key_make_specifier stay in sync, but we might screw up
someday.

Found by coverity; this is CID 1241500
This commit is contained in:
Nick Mathewson 2014-09-26 09:06:36 -04:00
parent 801f4d4384
commit 7c52a0555a
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/common/crypto_s2k.c
View File

@ -392,6 +392,9 @@ secret_to_key_new(uint8_t *buf,
type = buf[0]; type = buf[0];
key_len = secret_to_key_key_len(type); key_len = secret_to_key_key_len(type);
if (key_len < 0)
return key_len;
if ((int)buf_len < key_len + spec_len) if ((int)buf_len < key_len + spec_len)
return S2K_TRUNCATED; return S2K_TRUNCATED;