[metrics-lib/release] Fix NPE when parsing invalid crypto blocks.
commit d6e9a0d75eb70500aa05097e3d09f4c77d37ddbb Author: Karsten Loesing <karsten.loesing@gmx.net> Date: Wed Nov 20 17:19:44 2019 +0100 Fix NPE when parsing invalid crypto blocks. --- CHANGELOG.md | 4 ++++ .../descriptor/impl/DirectoryKeyCertificateImpl.java | 4 ++++ .../org/torproject/descriptor/impl/DirectorySignatureImpl.java | 4 ++++ .../torproject/descriptor/impl/ExtraInfoDescriptorImpl.java | 4 ++++ .../org/torproject/descriptor/impl/MicrodescriptorImpl.java | 4 ++++ .../org/torproject/descriptor/impl/RelayDirectoryImpl.java | 8 ++++++++ .../org/torproject/descriptor/impl/RelayNetworkStatusImpl.java | 8 ++++++++ .../torproject/descriptor/impl/RelayNetworkStatusVoteImpl.java | 4 ++++ .../org/torproject/descriptor/impl/ServerDescriptorImpl.java | 4 ++++ .../descriptor/impl/ExtraInfoDescriptorImplTest.java | 10 ++++++++++ .../torproject/descriptor/impl/ServerDescriptorImplTest.java | 10 ++++++++++ 11 files changed, 64 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1cf59e0..568f115 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # Changes in version 2.?.? - 2019-1?-?? + * Minor changes + - Fix a NullPointerException when parsing an invalid crypto block + starting with "-----END " rather than "-----BEGIN ". + # Changes in version 2.9.1 - 2019-11-09 diff --git a/src/main/java/org/torproject/descriptor/impl/DirectoryKeyCertificateImpl.java b/src/main/java/org/torproject/descriptor/impl/DirectoryKeyCertificateImpl.java index a9268ce..8ae1ed7 100644 --- a/src/main/java/org/torproject/descriptor/impl/DirectoryKeyCertificateImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/DirectoryKeyCertificateImpl.java @@ -80,6 +80,10 @@ public class DirectoryKeyCertificateImpl extends DescriptorImpl crypto.append(line).append(NL); break; case CRYPTO_END: + if (null == crypto) { + throw new DescriptorParseException(Key.CRYPTO_END + " before " + + Key.CRYPTO_BEGIN); + } crypto.append(line).append(NL); String cryptoString = crypto.toString(); crypto = null; diff --git a/src/main/java/org/torproject/descriptor/impl/DirectorySignatureImpl.java b/src/main/java/org/torproject/descriptor/impl/DirectorySignatureImpl.java index 6430e7f..248d546 100644 --- a/src/main/java/org/torproject/descriptor/impl/DirectorySignatureImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/DirectorySignatureImpl.java @@ -70,6 +70,10 @@ public class DirectorySignatureImpl implements DirectorySignature { crypto.append(line).append(NL); break; case CRYPTO_END: + if (null == crypto) { + throw new DescriptorParseException(Key.CRYPTO_END + " before " + + Key.CRYPTO_BEGIN); + } crypto.append(line).append(NL); String cryptoString = crypto.toString(); crypto = null; diff --git a/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java b/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java index 7053ced..17ac6e5 100644 --- a/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java @@ -242,6 +242,10 @@ public abstract class ExtraInfoDescriptorImpl extends DescriptorImpl cryptoLines.add(line); break; case CRYPTO_END: + if (null == cryptoLines) { + throw new DescriptorParseException(Key.CRYPTO_END + " before " + + Key.CRYPTO_BEGIN); + } cryptoLines.add(line); StringBuilder sb = new StringBuilder(); for (String cryptoLine : cryptoLines) { diff --git a/src/main/java/org/torproject/descriptor/impl/MicrodescriptorImpl.java b/src/main/java/org/torproject/descriptor/impl/MicrodescriptorImpl.java index dc9795c..47028bd 100644 --- a/src/main/java/org/torproject/descriptor/impl/MicrodescriptorImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/MicrodescriptorImpl.java @@ -71,6 +71,10 @@ public class MicrodescriptorImpl extends DescriptorImpl crypto.append(line).append(NL); break; case CRYPTO_END: + if (null == crypto) { + throw new DescriptorParseException(Key.CRYPTO_END + " before " + + Key.CRYPTO_BEGIN); + } crypto.append(line).append(NL); String cryptoString = crypto.toString(); crypto = null; diff --git a/src/main/java/org/torproject/descriptor/impl/RelayDirectoryImpl.java b/src/main/java/org/torproject/descriptor/impl/RelayDirectoryImpl.java index 6370e87..55303d2 100644 --- a/src/main/java/org/torproject/descriptor/impl/RelayDirectoryImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/RelayDirectoryImpl.java @@ -125,6 +125,10 @@ public class RelayDirectoryImpl extends DescriptorImpl crypto.append(line).append(NL); break; case CRYPTO_END: + if (null == crypto) { + throw new DescriptorParseException(Key.CRYPTO_END + " before " + + Key.CRYPTO_BEGIN); + } crypto.append(line).append(NL); String cryptoString = crypto.toString(); crypto = null; @@ -215,6 +219,10 @@ public class RelayDirectoryImpl extends DescriptorImpl crypto.append(line).append(NL); break; case CRYPTO_END: + if (null == crypto) { + throw new DescriptorParseException(Key.CRYPTO_END + " before " + + Key.CRYPTO_BEGIN); + } crypto.append(line).append(NL); String cryptoString = crypto.toString(); crypto = null; diff --git a/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusImpl.java b/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusImpl.java index 11cc631..1af9503 100644 --- a/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusImpl.java @@ -81,6 +81,10 @@ public class RelayNetworkStatusImpl extends NetworkStatusImpl crypto.append(line).append(NL); break; case CRYPTO_END: + if (null == crypto) { + throw new DescriptorParseException(Key.CRYPTO_END + " before " + + Key.CRYPTO_BEGIN); + } crypto.append(line).append(NL); String cryptoString = crypto.toString(); crypto = null; @@ -130,6 +134,10 @@ public class RelayNetworkStatusImpl extends NetworkStatusImpl crypto.append(line).append(NL); break; case CRYPTO_END: + if (null == crypto) { + throw new DescriptorParseException(Key.CRYPTO_END + " before " + + Key.CRYPTO_BEGIN); + } crypto.append(line).append(NL); String cryptoString = crypto.toString(); crypto = null; diff --git a/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusVoteImpl.java b/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusVoteImpl.java index bb71842..8e83b83 100644 --- a/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusVoteImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusVoteImpl.java @@ -186,6 +186,10 @@ public class RelayNetworkStatusVoteImpl extends NetworkStatusImpl crypto.append(line).append(NL); break; case CRYPTO_END: + if (null == crypto) { + throw new DescriptorParseException(Key.CRYPTO_END + " before " + + Key.CRYPTO_BEGIN); + } crypto.append(line).append(NL); String cryptoString = crypto.toString(); crypto = null; diff --git a/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java b/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java index 995909c..7102335 100644 --- a/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java +++ b/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java @@ -181,6 +181,10 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl cryptoLines.add(line); break; case CRYPTO_END: + if (null == cryptoLines) { + throw new DescriptorParseException(Key.CRYPTO_END + " before " + + Key.CRYPTO_BEGIN); + } cryptoLines.add(line); StringBuilder sb = new StringBuilder(); for (String cryptoLine : cryptoLines) { diff --git a/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java b/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java index c90207a..4aa2008 100644 --- a/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java +++ b/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java @@ -2244,6 +2244,16 @@ public class ExtraInfoDescriptorImplTest { } @Test + public void testEd25519IdentityInvalidCrypto() + throws DescriptorParseException { + this.thrown.expect(DescriptorParseException.class); + this.thrown.expectMessage("CRYPTO_END before CRYPTO_BEGIN"); + DescriptorBuilder.createWithEd25519Lines("identity-ed25519\n" + + "-----END ED25519 CERT-----\n-----BEGIN ED25519 CERT-----", + MASTER_KEY_ED25519_LINE, ROUTER_SIG_ED25519_LINE); + } + + @Test public void testEd25519MasterKeyMissing() throws DescriptorParseException { ExtraInfoDescriptor descriptor = diff --git a/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java b/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java index cd0b5dd..bd1d1d2 100644 --- a/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java +++ b/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java @@ -1826,6 +1826,16 @@ public class ServerDescriptorImplTest { } @Test + public void testEd25519IdentityInvalidCrypto() + throws DescriptorParseException { + this.thrown.expect(DescriptorParseException.class); + this.thrown.expectMessage("CRYPTO_END before CRYPTO_BEGIN"); + DescriptorBuilder.createWithEd25519Lines("identity-ed25519\n" + + "-----END ED25519 CERT-----\n-----BEGIN ED25519 CERT-----", + MASTER_KEY_ED25519_LINE, ROUTER_SIG_ED25519_LINE); + } + + @Test public void testEd25519MasterKeyMissing() throws DescriptorParseException { ServerDescriptor descriptor =
participants (1)
-
karsten@torproject.org