[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnunet] branch master updated: more size checking; tokeniz
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnunet] branch master updated: more size checking; tokenize only after size check |
Date: |
Sun, 07 Jan 2018 22:34:49 +0100 |
This is an automated email from the git hooks/post-receive script.
lurchi pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new 0120859e1 more size checking; tokenize only after size check
0120859e1 is described below
commit 0120859e1ea2f0591602f446d4bc054e9230c801
Author: lurchi <address@hidden>
AuthorDate: Sun Jan 7 22:34:39 2018 +0100
more size checking; tokenize only after size check
---
src/social/gnunet-service-social.c | 36 +++++++++++++++++++++++++++---------
1 file changed, 27 insertions(+), 9 deletions(-)
diff --git a/src/social/gnunet-service-social.c
b/src/social/gnunet-service-social.c
index 60f1b348d..31e3a3dc2 100644
--- a/src/social/gnunet-service-social.c
+++ b/src/social/gnunet-service-social.c
@@ -1393,8 +1393,7 @@ msg_proc_parse (const struct MsgProcRequest *mpreq,
struct GNUNET_HashCode *method_hash)
{
ssize_t method_size = ntohs (mpreq->header.size) - sizeof (*mpreq);
- uint16_t offset = GNUNET_STRINGS_buffer_tokenize ((const char *) &mpreq[1],
- method_size, 1,
method_prefix);
+ uint16_t offset;
if (method_size < 0)
{
@@ -1402,6 +1401,11 @@ msg_proc_parse (const struct MsgProcRequest *mpreq,
"MsgProcRequest has invalid size\n");
return GNUNET_SYSERR;
}
+
+ offset = GNUNET_STRINGS_buffer_tokenize ((const char *) &mpreq[1],
+ method_size,
+ 1,
+ method_prefix);
if (0 == offset || offset != method_size || *method_prefix == NULL)
{
GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
@@ -2147,20 +2151,34 @@ handle_client_app_connect (void *cls,
{
struct Client *c = cls;
struct GNUNET_SERVICE_Client *client = c->client;
-
- uint8_t app_id_size = ntohs (creq->header.size) - sizeof (*creq);
+ ssize_t app_id_size = ntohs (creq->header.size) - sizeof (*creq);
const char *app_id = NULL;
- uint16_t offset = GNUNET_STRINGS_buffer_tokenize ((const char *) &creq[1],
- app_id_size, 1, &app_id);
+ uint16_t offset;
+
+ if (app_id_size < 0)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "AppConnectRequest has invalid size\n");
+ GNUNET_break (0);
+ GNUNET_SERVICE_client_drop (client);
+ return;
+ }
+
+ offset = GNUNET_STRINGS_buffer_tokenize ((const char *) &creq[1],
+ (size_t) app_id_size,
+ 1,
+ &app_id);
if (0 == offset || offset != app_id_size)
{
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "AppConnectRequest contains invalid app ID\n");
GNUNET_break (0);
GNUNET_SERVICE_client_drop (client);
return;
}
struct GNUNET_HashCode app_id_hash;
- GNUNET_CRYPTO_hash (app_id, app_id_size, &app_id_hash);
+ GNUNET_CRYPTO_hash (app_id, (size_t) app_id_size, &app_id_hash);
GNUNET_CONTAINER_multihashmap_iterate (egos, ego_entry, client);
app_notify_ego_end (client);
@@ -2185,8 +2203,8 @@ handle_client_app_connect (void *cls,
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"%p Application %s connected.\n", app, app_id);
- c->app_id = GNUNET_malloc (app_id_size);
- GNUNET_memcpy (c->app_id, app_id, app_id_size);
+ c->app_id = GNUNET_malloc ((size_t) app_id_size);
+ GNUNET_memcpy (c->app_id, app_id, (size_t) app_id_size);
GNUNET_SERVICE_client_continue (client);
}
--
To stop receiving notification emails like this one, please contact
address@hidden
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [gnunet] branch master updated: more size checking; tokenize only after size check,
gnunet <=