[tor-commits] [tor/master] Add off-by-one checks for key length.

nickm at torproject.org nickm at torproject.org
Wed Mar 18 13:34:39 UTC 2020


commit 2328c79a5fbc2f1995390dd08002244bc952246d
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue Mar 17 10:07:54 2020 -0400

    Add off-by-one checks for key length.
---
 src/test/test_crypto.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c
index 2373e5bf8..5af0cce13 100644
--- a/src/test/test_crypto.c
+++ b/src/test/test_crypto.c
@@ -1505,6 +1505,21 @@ test_crypto_pk_bad_size(void *arg)
   pk2 = crypto_pk_asn1_decode_private(buf, n, 1020);
   tt_assert(! pk2);
 
+  /* Set the max bit count one bit smaller: we should refuse to decode the
+     key.*/
+  pk2 = crypto_pk_asn1_decode_private(buf, n, 1023);
+  tt_assert(! pk2);
+
+  /* Correct size: should work. */
+  pk2 = crypto_pk_asn1_decode_private(buf, n, 1024);
+  tt_assert(pk2);
+  crypto_pk_free(pk2);
+
+  /* One bit larger: should work. */
+  pk2 = crypto_pk_asn1_decode_private(buf, n, 1025);
+  tt_assert(pk2);
+  crypto_pk_free(pk2);
+
   /* Set the max bit count larger: it should decode fine. */
   pk2 = crypto_pk_asn1_decode_private(buf, n, 2048);
   tt_assert(pk2);





More information about the tor-commits mailing list