Home Explore Help
Sign In
sengler
/
tor-parallel-relay-conn
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

hs: Add an extra safety check on ESTABLISH_INTRO sig len

Signed-off-by: David Goulet <dgoulet@torproject.org>
David Goulet 9 years ago
parent
e043b96887
commit
b0ccb6bfa5
1 changed files with 5 additions and 1 deletions
Split View Show Diff Stats
  1. 5 1
      src/or/hs_intropoint.c

+ 5 - 1
src/or/hs_intropoint.c
View File 

@@ -70,7 +70,11 @@ verify_establish_intro_cell(const hs_cell_establish_intro_t *cell,
 
     ed25519_signature_t sig_struct;
 
     const uint8_t *sig_array = hs_cell_establish_intro_getconstarray_sig(cell);
 
 
-    if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig)) {
 
+    /* Make sure the signature length is of the right size. For EXTRA safety,
 
+     * we check both the size of the array and the length which must be the
 
+     * same. Safety first!*/
 
+    if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig) ||
 
+        hs_cell_establish_intro_get_sig_len(cell) != sizeof(sig_struct.sig)) {
 
       log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
 
              "ESTABLISH_INTRO sig len is invalid");
 
       return -1;