From b3affc23ef263a978b89e783f55ad3e37c873b9a Mon Sep 17 00:00:00 2001
From: cypherpunks <cypherpunks@torproject.org>
Date: Sat, 8 Feb 2020 20:20:54 +0000
Subject: [PATCH] dirparse: reject routerstatus entries with malformed protover

Contrary to its name, protover_contains_long_protocol_names()
detects all parse errors, not just long names.
---
 src/feature/dirparse/ns_parse.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/feature/dirparse/ns_parse.c b/src/feature/dirparse/ns_parse.c
index 7cb92ebe59..2354ebf440 100644
--- a/src/feature/dirparse/ns_parse.c
+++ b/src/feature/dirparse/ns_parse.c
@@ -13,6 +13,7 @@
 
 #include "core/or/or.h"
 #include "app/config/config.h"
+#include "core/or/protover.h"
 #include "core/or/versions.h"
 #include "feature/client/entrynodes.h"
 #include "feature/dirauth/dirvote.h"
@@ -451,6 +452,10 @@ routerstatus_parse_entry_from_string(memarea_t *area,
       }
     }
 
+    // If the protover line is malformed, reject this routerstatus.
+    if (protocols && protover_contains_long_protocol_names(protocols)) {
+      goto err;
+    }
     summarize_protover_flags(&rs->pv, protocols, version);
   }