[tor-commits] [tor/master] dirauth: don't use hardcoded length when parsing digests

nickm at torproject.org nickm at torproject.org
Mon May 23 14:59:11 UTC 2016 

commit 50ff24e27652b4781a127d5dea81c4de96a6fdef
Author: David Goulet <dgoulet at torproject.org>
Date:   Mon May 16 11:18:51 2016 -0400

    dirauth: don't use hardcoded length when parsing digests
    
    When parsing detached signature, we make sure that we use the length of the
    digest algorithm instead of an hardcoded DIGEST256_LEN in order to avoid
    comparing bytes out of bound with a smaller digest length such as SHA1.
    
    Fixes #19066
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 changes/bug19066     | 5 +++++
 src/or/routerparse.c | 8 +++++---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/changes/bug19066 b/changes/bug19066
new file mode 100644
index 0000000..c3d1fc7
--- /dev/null
+++ b/changes/bug19066
@@ -0,0 +1,5 @@
+  o Minor bugfixes (directory authority):
+    - When parsing detached signature, make sure we use the length of the
+      digest algorithm instead of an hardcoded DIGEST256_LEN in order to
+      avoid comparing bytes out of bound with a smaller digest length such
+      as SHA1. Fixes #19066; bugfix on tor-0.2.2.6-alpha.
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 600d552..e44899f 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -3505,7 +3505,7 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
     digest_algorithm_t alg;
     const char *flavor;
     const char *hexdigest;
-    size_t expected_length;
+    size_t expected_length, digest_length;
 
     tok = _tok;
 
@@ -3530,6 +3530,8 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
 
     expected_length =
       (alg == DIGEST_SHA1) ? HEX_DIGEST_LEN : HEX_DIGEST256_LEN;
+    digest_length =
+      (alg == DIGEST_SHA1) ? DIGEST_LEN : DIGEST256_LEN;
 
     if (strlen(hexdigest) != expected_length) {
       log_warn(LD_DIR, "Wrong length on consensus-digest in detached "
@@ -3538,12 +3540,12 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
     }
     digests = detached_get_digests(sigs, flavor);
     tor_assert(digests);
-    if (!tor_mem_is_zero(digests->d[alg], DIGEST256_LEN)) {
+    if (!tor_mem_is_zero(digests->d[alg], digest_length)) {
       log_warn(LD_DIR, "Multiple digests for %s with %s on detached "
                "signatures document", flavor, algname);
       continue;
     }
-    if (base16_decode(digests->d[alg], DIGEST256_LEN,
+    if (base16_decode(digests->d[alg], digest_length,
                       hexdigest, strlen(hexdigest)) < 0) {
       log_warn(LD_DIR, "Bad encoding on consensus-digest in detached "
                "networkstatus signatures");

More information about the tor-commits mailing list