Merge remote-tracking branch 'public/bug17443_v2'

This commit is contained in:
Nick Mathewson 2016-03-21 11:21:31 -04:00
commit d567796946
2 changed files with 13 additions and 1 deletions

5
changes/bug17443 Normal file
View File

@ -0,0 +1,5 @@
o Minor bugfixes (tor-gencert):
- Correctly handle the case where an authority operator enters a
passphrase but sends an EOF before sending a newline.
Fixes bug 17443; bugfix on 0.2.0.20-rc. Found by "junglefowl".

View File

@ -96,14 +96,21 @@ load_passphrase(void)
{
char *cp;
char buf[1024]; /* "Ought to be enough for anybody." */
memset(buf, 0, sizeof(buf)); /* should be needless */
ssize_t n = read_all(passphrase_fd, buf, sizeof(buf), 0);
if (n < 0) {
log_err(LD_GENERAL, "Couldn't read from passphrase fd: %s",
strerror(errno));
return -1;
}
/* We'll take everything from the buffer except for optional terminating
* newline. */
cp = memchr(buf, '\n', n);
passphrase_len = cp-buf;
if (cp == NULL) {
passphrase_len = n;
} else {
passphrase_len = cp-buf;
}
passphrase = tor_strndup(buf, passphrase_len);
memwipe(buf, 0, sizeof(buf));
return 0;