Properly handle non-terminated strings

Treat strings returned from signed_descriptor_get_body_impl() as not
NUL-terminated. Since the length of the strings is available, this is
not a big problem.

Discovered by rieo.

ChangeLog

@@ -9,6 +9,8 @@ Changes in version 0.2.1.25 - 2010-??-??
       fixes bug 1255.
     - Fix another dereference-then-NULL-check sequence. Bugfix on
       0.2.1.14-rc. Discovered by ekir, fixes bug 1256.
+    - Make sure we treat potentially not NUL-terminated strings correctly.
+      Bugfix on 0.1.1.13-alpha. Discovered by rieo, fixes bug 1257.
 
 Changes in version 0.2.1.24 - 2010-02-21
   Tor 0.2.1.24 makes Tor work again on the latest OS X -- this time

src/or/or.h

@@ -4566,7 +4566,7 @@ typedef struct tor_version_t {
   int svn_revision;
 } tor_version_t;
 
-int router_get_router_hash(const char *s, char *digest);
+int router_get_router_hash(const char *s, size_t s_len, char *digest);
 int router_get_dir_hash(const char *s, char *digest);
 int router_get_runningrouters_hash(const char *s, char *digest);
 int router_get_networkstatus_v2_hash(const char *s, char *digest);

src/or/router.c

@@ -1418,6 +1418,7 @@ router_rebuild_descriptor(int force)
     ei->cache_info.send_unencrypted = 1;
 
   router_get_router_hash(ri->cache_info.signed_descriptor_body,
+                         strlen(ri->cache_info.signed_descriptor_body),
                          ri->cache_info.signed_descriptor_digest);
 
   routerinfo_set_country(ri);
@@ -1784,7 +1785,7 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
   strlcpy(s+written, "router-signature\n", maxlen-written);
   written += strlen(s+written);
   s[written] = '\0';
-  if (router_get_router_hash(s, digest) < 0) {
+  if (router_get_router_hash(s, strlen(s), digest) < 0) {
     return -1;
   }
 

src/or/routerlist.c

@@ -577,8 +577,6 @@ signed_desc_append_to_journal(signed_descriptor_t *desc,
   const char *body = signed_descriptor_get_body_impl(desc,1);
   size_t len = desc->signed_descriptor_len + desc->annotations_len;
 
-  tor_assert(len == strlen(body));
-
   if (append_bytes_to_file(fname, body, len, 1)) {
     log_warn(LD_FS, "Unable to store router descriptor");
     tor_free(fname);

src/or/routerparse.c

@@ -451,9 +451,10 @@ static int router_add_exit_policy(routerinfo_t *router,directory_token_t *tok);
 static addr_policy_t *router_parse_addr_policy(directory_token_t *tok);
 static addr_policy_t *router_parse_addr_policy_private(directory_token_t *tok);
 
-static int router_get_hash_impl(const char *s, char *digest,
+static int router_get_hash_impl(const char *s, size_t s_len, char *digest,
                                 const char *start_str, const char *end_str,
                                 char end_char);
+
 static void token_free(directory_token_t *tok);
 static smartlist_t *find_all_exitpolicy(smartlist_t *s);
 static directory_token_t *_find_by_keyword(smartlist_t *s,
@@ -504,7 +505,7 @@ static int tor_version_same_series(tor_version_t *a, tor_version_t *b);
 int
 router_get_dir_hash(const char *s, char *digest)
 {
-  return router_get_hash_impl(s,digest,
+  return router_get_hash_impl(s, strlen(s), digest,
                               "signed-directory","\ndirectory-signature",'\n');
 }
 
@@ -512,9 +513,9 @@ router_get_dir_hash(const char *s, char *digest)
  * <b>s</b>. Return 0 on success, -1 on failure.
  */
 int
-router_get_router_hash(const char *s, char *digest)
+router_get_router_hash(const char *s, size_t s_len, char *digest)
 {
-  return router_get_hash_impl(s,digest,
+  return router_get_hash_impl(s, s_len, digest,
                               "router ","\nrouter-signature", '\n');
 }
 
@@ -524,7 +525,7 @@ router_get_router_hash(const char *s, char *digest)
 int
 router_get_runningrouters_hash(const char *s, char *digest)
 {
-  return router_get_hash_impl(s,digest,
+  return router_get_hash_impl(s, strlen(s), digest,
                               "network-status","\ndirectory-signature", '\n');
 }
 
@@ -533,7 +534,7 @@ router_get_runningrouters_hash(const char *s, char *digest)
 int
 router_get_networkstatus_v2_hash(const char *s, char *digest)
 {
-  return router_get_hash_impl(s,digest,
+  return router_get_hash_impl(s, strlen(s), digest,
                               "network-status-version","\ndirectory-signature",
                               '\n');
 }
@@ -543,8 +544,9 @@ router_get_networkstatus_v2_hash(const char *s, char *digest)
 int
 router_get_networkstatus_v3_hash(const char *s, char *digest)
 {
-  return router_get_hash_impl(s,digest,
-                              "network-status-version","\ndirectory-signature",
+  return router_get_hash_impl(s, strlen(s), digest,
+                              "network-status-version",
+                              "\ndirectory-signature",
                               ' ');
 }
 
@@ -553,7 +555,8 @@ router_get_networkstatus_v3_hash(const char *s, char *digest)
 int
 router_get_extrainfo_hash(const char *s, char *digest)
 {
-  return router_get_hash_impl(s,digest,"extra-info","\nrouter-signature",'\n');
+  return router_get_hash_impl(s, strlen(s), digest, "extra-info",
+                              "\nrouter-signature",'\n');
 }
 
 /** Helper: used to generate signatures for routers, directories and
@@ -1118,6 +1121,8 @@ dump_distinct_digest_count(int severity)
  * s through end into the signed_descriptor_body of the resulting
  * routerinfo_t.
  *
+ * If <b>end</b> is NULL, <b>s</b> must be properly NULL-terminated.
+ *
  * If <b>allow_annotations</b>, it's okay to encounter annotations in <b>s</b>
  * before the router; if it's false, reject the router if it's annotated.  If
  * <b>prepend_annotations</b> is set, it should contain some annotations:
@@ -1180,7 +1185,7 @@ router_parse_entry_from_string(const char *s, const char *end,
     }
   }
 
-  if (router_get_router_hash(s, digest) < 0) {
+  if (router_get_router_hash(s, end - s, digest) < 0) {
     log_warn(LD_DIR, "Couldn't compute router hash.");
     goto err;
   }
@@ -1600,7 +1605,7 @@ authority_cert_parse_from_string(const char *s, const char **end_of_string)
     log_warn(LD_DIR, "Error tokenizing key certificate");
     goto err;
   }
-  if (router_get_hash_impl(s, digest, "dir-key-certificate-version",
+  if (router_get_hash_impl(s, strlen(s), digest, "dir-key-certificate-version",
                            "\ndir-key-certification", '\n') < 0)
     goto err;
   tok = smartlist_get(tokens, 0);
@@ -2159,6 +2164,7 @@ networkstatus_v2_parse_from_string(const char *s)
   return ns;
 }
 
+
 /** Parse a v3 networkstatus vote, opinion, or consensus (depending on
  * ns_type), from <b>s</b>, and return the result.  Return NULL on failure. */
 networkstatus_t *
@@ -3295,12 +3301,12 @@ find_all_exitpolicy(smartlist_t *s)
  * If no such substring exists, return -1.
  */
 static int
-router_get_hash_impl(const char *s, char *digest,
-                     const char *start_str,
-                     const char *end_str, char end_c)
+router_get_hash_impl(const char *s, size_t s_len, char *digest,
+                            const char *start_str,
+                            const char *end_str, char end_c)
 {
-  char *start, *end;
-  start = strstr(s, start_str);
+  const char *start, *end;
+  start = tor_memstr(s, s_len, start_str);
   if (!start) {
     log_warn(LD_DIR,"couldn't find start of hashed material \"%s\"",start_str);
     return -1;
@@ -3311,12 +3317,13 @@ router_get_hash_impl(const char *s, char *digest,
              start_str);
     return -1;
   }
-  end = strstr(start+strlen(start_str), end_str);
+  end = tor_memstr(start+strlen(start_str),
+                   s_len - (start-s) - strlen(start_str), end_str);
   if (!end) {
     log_warn(LD_DIR,"couldn't find end of hashed material \"%s\"",end_str);
     return -1;
   }
-  end = strchr(end+strlen(end_str), end_c);
+  end = memchr(end+strlen(end_str), end_c, s_len - (end-s) - strlen(end_str));
   if (!end) {
     log_warn(LD_DIR,"couldn't find EOL");
     return -1;
@@ -3564,7 +3571,7 @@ rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out,
     goto err;
   }
   /* Compute descriptor hash for later validation. */
-  if (router_get_hash_impl(desc, desc_hash,
+  if (router_get_hash_impl(desc, strlen(desc), desc_hash,
                            "rendezvous-service-descriptor ",
                            "\nsignature", '\n') < 0) {
     log_warn(LD_REND, "Couldn't compute descriptor hash.");