[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [bridgedb/master] Fix a potential bug where an OR ID might have been unprocessed base64.



commit 02e40fa92cd667dae90d2aa02dfe71592eed28a1
Author: Isis Lovecruft <isis@xxxxxxxxxxxxxx>
Date:   Sun Jan 12 03:53:33 2014 +0000

    Fix a potential bug where an OR ID might have been unprocessed base64.
    
     * CHANGE bridgedb.parse.networkstatus.parseRLine() to check the OR
       nickname validity only after parsing (and readding the base64 padding
       to) the OR ID digest.
     * ADD inline comments about why this is done.
---
 lib/bridgedb/parse/networkstatus.py |    9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/bridgedb/parse/networkstatus.py b/lib/bridgedb/parse/networkstatus.py
index b178dbe..0b73569 100644
--- a/lib/bridgedb/parse/networkstatus.py
+++ b/lib/bridgedb/parse/networkstatus.py
@@ -103,18 +103,25 @@ def parseRLine(line):
                 "Wrong number of fields in networkstatus 'r'-line: %r" % line)
 
         nickname, ID = fields[:2]
-        isValidRouterNickname(nickname)
 
         try:
             ID = parseUnpaddedBase64(ID)
         except InvalidBase64 as error:
             raise InvalidNetworkstatusRouterIdentity(error)
 
+        # Check the nickname validity after parsing the ID, otherwise, if the
+        # nickname is invalid, we end up with the nickname being ``None`` and
+        # the ID being unparsed, unpadded (meaning it is technically invalid)
+        # base64.
+        isValidRouterNickname(nickname)
+
     except NetworkstatusParsingError as error:
         logging.error(error)
         nickname, ID = None, None
     except InvalidRouterNickname as error:
         logging.error(error)
+        # Assume that we mostly care about obtaining the OR's ID, then it
+        # should be okay to set the nickname to ``None``, if it was invalid.
         nickname = None
     except InvalidNetworkstatusRouterIdentity as error:
         logging.error(error)



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits