[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r11813: Fix an infinite loop when parsing multiple votes. (in tor/trunk: . src/or)

To: or-cvs@xxxxxxxxxxxxx
Subject: [or-cvs] r11813: Fix an infinite loop when parsing multiple votes. (in tor/trunk: . src/or)
From: nickm@xxxxxxxx
Date: Tue, 9 Oct 2007 15:31:14 -0400 (EDT)
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-cvs-outgoing@xxxxxxxx
Delivered-to: or-cvs@xxxxxxxx
Delivery-date: Tue, 09 Oct 2007 15:31:22 -0400
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-cvs@xxxxxxxxxxxxx

Author: nickm
Date: 2007-10-09 15:31:14 -0400 (Tue, 09 Oct 2007)
New Revision: 11813

Modified:
   tor/trunk/
   tor/trunk/src/or/dirvote.c
Log:
 r15593@catbus:  nickm | 2007-10-09 15:31:10 -0400
 Fix an infinite loop when parsing multiple votes.



Property changes on: tor/trunk
___________________________________________________________________
 svk:merge ticket from /tor/trunk [r15593] on 8246c3cf-6607-4228-993b-4d95d33730f1

Modified: tor/trunk/src/or/dirvote.c
===================================================================
--- tor/trunk/src/or/dirvote.c	2007-10-09 19:14:48 UTC (rev 11812)
+++ tor/trunk/src/or/dirvote.c	2007-10-09 19:31:14 UTC (rev 11813)
@@ -1359,6 +1359,8 @@
 
  again:
   vote = networkstatus_parse_vote_from_string(vote_body, &end_of_vote, 1);
+  if (!end_of_vote)
+    end_of_vote = vote_body + strlen(vote_body);
   if (!vote) {
     log_warn(LD_DIR, "Couldn't parse vote: length was %d",
              (int)strlen(vote_body));
@@ -1424,7 +1426,8 @@
                      "directory.");
           cached_dir_decref(v->vote_body);
           networkstatus_vote_free(v->vote);
-          v->vote_body = new_cached_dir(tor_strdup(vote_body),
+          v->vote_body = new_cached_dir(tor_strndup(vote_body,
+                                                    end_of_vote-vote_body),
                                         vote->published);
           v->vote = vote;
           if (end_of_vote &&
@@ -1444,13 +1447,16 @@
     });
 
   pending_vote = tor_malloc_zero(sizeof(pending_vote_t));
-  pending_vote->vote_body = new_cached_dir(tor_strdup(vote_body),
+  pending_vote->vote_body = new_cached_dir(tor_strndup(vote_body,
+                                                       end_of_vote-vote_body),
                                            vote->published);
   pending_vote->vote = vote;
   smartlist_add(pending_vote_list, pending_vote);
 
-  if (end_of_vote && !strcmpstart(end_of_vote, "network-status-version "))
+  if (!strcmpstart(end_of_vote, "network-status-version ")) {
+    vote_body = end_of_vote;
     goto again;
+  }
 
   goto done;
 
@@ -1465,8 +1471,10 @@
   if (vote)
     networkstatus_vote_free(vote);
 
-  if (end_of_vote && !strcmpstart(end_of_vote, "network-status-version "))
+  if (end_of_vote && !strcmpstart(end_of_vote, "network-status-version ")) {
+    vote_body = end_of_vote;
     goto again;
+  }
 
  done:

Prev by Author: [or-cvs] r11812: Change dirvote_get_vote to take named flags rather than 3 bo (in tor/trunk: . src/or)
Next by Author: [or-cvs] r11816: Make authority_certs_fetch_missing only fetch certificates w (in tor/trunk: . src/or)
Previous by thread: [or-cvs] r11812: Change dirvote_get_vote to take named flags rather than 3 bo (in tor/trunk: . src/or)
Next by thread: [or-cvs] r11814: syntactic sucrose (website/trunk/en)
Index(es):
- Author
- Thread