[tor-commits] [collector/master] Validate extra-info-digest lines more carefully.

[karsten at torproject.org]

commit f0bc9b2aa74584f23c0e9f4fb0045e27036be200
Author: Karsten Loesing <karsten.loesing at gmx.net>
Date:   Wed Sep 28 16:17:24 2016 +0200

    Validate extra-info-digest lines more carefully.
---
 .../collector/bridgedescs/SanitizedBridgesWriter.java        |  5 +++++
 .../collector/bridgedescs/SanitizedBridgesWriterTest.java    | 12 ++++++++++++
 2 files changed, 17 insertions(+)

diff --git a/src/main/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriter.java b/src/main/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriter.java
index f45011f..ac3e39f 100644
--- a/src/main/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriter.java
+++ b/src/main/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriter.java
@@ -768,6 +768,11 @@ public class SanitizedBridgesWriter extends CollecTorMain {
             scrubbed.append("opt ");
             parts = line.substring(4).split(" ");
           }
+          if (parts.length > 3) {
+            logger.warn("extra-info-digest line contains more arguments than"
+                + "expected: '" + line + "'.  Skipping descriptor.");
+            return;
+          }
           scrubbed.append("extra-info-digest " + DigestUtils.shaHex(
               Hex.decodeHex(parts[1].toCharArray())).toUpperCase());
           if (parts.length > 2) {
diff --git a/src/test/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriterTest.java b/src/test/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriterTest.java
index 5bcbd0a..8634eae 100644
--- a/src/test/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriterTest.java
+++ b/src/test/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriterTest.java
@@ -313,6 +313,18 @@ public class SanitizedBridgesWriterTest {
   }
 
   @Test
+  public void testServerDescriptorExtraInfoDigestThirdArgument()
+      throws Exception {
+    this.defaultServerDescriptorBuilder.replaceLineStartingWith(
+        "extra-info-digest ", Arrays.asList("extra-info-digest "
+        + "6D03E80568DEFA102968D144CB35FFA6E3355B8A "
+        + "cy/LwP7nxukmmcT1+UnDg4qh0yKbjVUYKhGL8VksoJA 00"));
+    this.runTest();
+    assertTrue("Third argument to extra-info-digest line should not be "
+        + "dropped silently.", this.parsedServerDescriptors.isEmpty());
+  }
+
+  @Test
   public void testServerDescriptorExtraInfoDigestOpt() throws Exception {
     this.defaultServerDescriptorBuilder.replaceLineStartingWith(
         "extra-info-digest ", Arrays.asList("opt extra-info-digest "