Ensure that bw_file_headers is not bigger than max

This commit is contained in:
juga0 2018-06-30 13:56:38 +00:00
parent 317d930f08
commit 8164534f46
3 changed files with 24 additions and 10 deletions

View File

@ -254,7 +254,7 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
/* XXXX Abstraction violation: should be pulling a field out of v3_ns.*/ /* XXXX Abstraction violation: should be pulling a field out of v3_ns.*/
char *flag_thresholds = dirserv_get_flag_thresholds_line(); char *flag_thresholds = dirserv_get_flag_thresholds_line();
char *params; char *params;
char *bw_file_headers; char *bw_file_headers = NULL;
authority_cert_t *cert = v3_ns->cert; authority_cert_t *cert = v3_ns->cert;
char *methods = char *methods =
make_consensus_method_list(MIN_SUPPORTED_CONSENSUS_METHOD, make_consensus_method_list(MIN_SUPPORTED_CONSENSUS_METHOD,
@ -269,11 +269,19 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
else else
params = tor_strdup(""); params = tor_strdup("");
tor_assert(cert); tor_assert(cert);
if (v3_ns->bw_file_headers)
bw_file_headers = smartlist_join_strings(v3_ns->bw_file_headers, " ", 0, if (v3_ns->bw_file_headers) {
NULL); if (! BUG(smartlist_len(v3_ns->bw_file_headers)
else > MAX_BW_FILE_HEADER_COUNT_IN_VOTE)) {
bw_file_headers = tor_strdup(""); bw_file_headers = smartlist_join_strings(v3_ns->bw_file_headers, " ",
0, NULL);
if (BUG(strlen(bw_file_headers) > MAX_BW_FILE_HEADERS_LINE_LEN)) {
/* Free and set to NULL, so the vote header line is empty */
tor_free(bw_file_headers);
}
}
}
smartlist_add_asprintf(chunks, smartlist_add_asprintf(chunks,
"network-status-version 3\n" "network-status-version 3\n"
"vote-status %s\n" "vote-status %s\n"
@ -309,7 +317,8 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
voter->contact, voter->contact,
shared_random_vote_str ? shared_random_vote_str ?
shared_random_vote_str : "", shared_random_vote_str : "",
bw_file_headers); bw_file_headers ?
bw_file_headers : "");
tor_free(params); tor_free(params);
tor_free(flags); tor_free(flags);

View File

@ -89,6 +89,9 @@
#define DGV_INCLUDE_PENDING 2 #define DGV_INCLUDE_PENDING 2
#define DGV_INCLUDE_PREVIOUS 4 #define DGV_INCLUDE_PREVIOUS 4
/** Maximum size of a line in a vote. */
#define MAX_BW_FILE_HEADERS_LINE_LEN 1024
/* /*
* Public API. Used outside of the dirauth subsystem. * Public API. Used outside of the dirauth subsystem.
* *

View File

@ -2679,17 +2679,19 @@ dirserv_read_measured_bandwidths(const char *from_file,
applied_lines++; applied_lines++;
/* if the terminator is found, it is the end of header lines, set the /* if the terminator is found, it is the end of header lines, set the
* flag but do not store anything */ * flag but do not store anything */
} else if (strcmp(line, BW_FILE_TERMINATOR) == 0) } else if (strcmp(line, BW_FILE_HEADERS_TERMINATOR) == 0) {
line_is_after_headers = 1; line_is_after_headers = 1;
/* if the line was not a correct relay line nor the terminator and /* if the line was not a correct relay line nor the terminator and
* the end of the header lines has not been detected yet * the end of the header lines has not been detected yet
* and it is key_value and bw_file_headers did not reach the maximum * and it is key_value and bw_file_headers did not reach the maximum
* number of headers, * number of headers,
* then assume this line is a header and add it to bw_file_headers */ * then assume this line is a header and add it to bw_file_headers */
else if (bw_file_headers && } else if (bw_file_headers &&
(line_is_after_headers == 0) && (line_is_after_headers == 0) &&
string_is_key_value(LOG_DEBUG, line) && string_is_key_value(LOG_DEBUG, line) &&
(smartlist_len(bw_file_headers) < MAX_BW_FILE_HEADERS_LEN)) { !strchr(line, ' ') &&
(smartlist_len(bw_file_headers)
< MAX_BW_FILE_HEADER_COUNT_IN_VOTE)) {
line[strlen(line)-1] = '\0'; line[strlen(line)-1] = '\0';
smartlist_add_strdup(bw_file_headers, line); smartlist_add_strdup(bw_file_headers, line);
}; };