[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/maint-0.2.2] Fix remotely triggerable assert during ip decryption



commit d5161ab895b9c14a66a08fb38521dd12c0772a97
Author: Dan Rosenberg <dan.j.rosenberg@xxxxxxxxx>
Date:   Sun Nov 6 17:23:14 2011 +0100

    Fix remotely triggerable assert during ip decryption
    
    Fixes bug 4410.
---
 src/or/routerparse.c |    5 +++++
 1 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 19f9e38..843fc79 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -3858,6 +3858,11 @@ rend_decrypt_introduction_points(char **ipos_decrypted,
     crypto_cipher_env_t *cipher;
     char *dec;
     int declen;
+    if (ipos_encrypted_size < CIPHER_IV_LEN + 2) {
+      log_warn(LD_REND, "Size of encrypted introduction points is too "
+                        "small.");
+      return -1;
+    }
     dec = tor_malloc_zero(ipos_encrypted_size - CIPHER_IV_LEN - 1);
     cipher = crypto_create_init_cipher(descriptor_cookie, 0);
     declen = crypto_cipher_decrypt_with_iv(cipher, dec,



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits