[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/release-0.3.4] Merge branch 'maint-0.3.2' into maint-0.3.3
commit 2cadd93cea374664f151e945549b95f0b1f49b00
Merge: 75b95e1c8 5b04392c1
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Fri Sep 21 09:35:51 2018 -0400
Merge branch 'maint-0.3.2' into maint-0.3.3
changes/bug27316 | 3 +++
src/or/protover.c | 17 ++++++++++++++++-
src/test/test_protover.c | 4 ++++
3 files changed, 23 insertions(+), 1 deletion(-)
diff --cc src/or/protover.c
index 5145881ba,ebaca07ba..a63c2eb02
--- a/src/or/protover.c
+++ b/src/or/protover.c
@@@ -203,15 -206,10 +214,20 @@@ parse_single_entry(const char *s, cons
if (equals == s)
goto error;
+ /* The name must not be longer than MAX_PROTOCOL_NAME_LENGTH. */
+ if (equals - s > (int)MAX_PROTOCOL_NAME_LENGTH) {
+ log_warn(LD_NET, "When parsing a protocol entry, I got a very large "
+ "protocol name. This is possibly an attack or a bug, unless "
+ "the Tor network truly supports protocol names larger than "
+ "%ud characters. The offending string was: %s",
+ MAX_PROTOCOL_NAME_LENGTH, escaped(out->name));
+ goto error;
+ }
++
+ /* The name must contain only alphanumeric characters and hyphens. */
+ if (!is_valid_keyword(s, equals-s))
+ goto error;
+
out->name = tor_strndup(s, equals-s);
tor_assert(equals < end_of_entry);
@@@ -919,5 -791,3 +935,4 @@@ protover_free_all(void
}
}
+#endif /* !defined(HAVE_RUST) */
-
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits