commit b0ccb6bfa505dc072c7af87261f6ac04e5e106db Author: David Goulet <dgoulet@torproject.org> Date: Fri Dec 16 12:09:22 2016 -0500 hs: Add an extra safety check on ESTABLISH_INTRO sig len Signed-off-by: David Goulet <dgoulet@torproject.org> --- src/or/hs_intropoint.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/or/hs_intropoint.c b/src/or/hs_intropoint.c index bfc7ec3..7bd80d5 100644 --- a/src/or/hs_intropoint.c +++ b/src/or/hs_intropoint.c @@ -70,7 +70,11 @@ verify_establish_intro_cell(const hs_cell_establish_intro_t *cell, ed25519_signature_t sig_struct; const uint8_t *sig_array = hs_cell_establish_intro_getconstarray_sig(cell); - if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig)) { + /* Make sure the signature length is of the right size. For EXTRA safety, + * we check both the size of the array and the length which must be the + * same. Safety first!*/ + if (hs_cell_establish_intro_getlen_sig(cell) != sizeof(sig_struct.sig) || + hs_cell_establish_intro_get_sig_len(cell) != sizeof(sig_struct.sig)) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "ESTABLISH_INTRO sig len is invalid"); return -1;