auth: Detect invalid bytes in makeBytesFromHex()

Also only allocate the required number of bytes, not twice that.

diff --git a/pdns/misc.cc b/pdns/misc.cc
index 66dbb497db31881f44ad36cad25eae3820cff340..f760a957abef8cdd8bc8048a47a3a134f2d6adde 100644 (file)
--- a/pdns/misc.cc
+++ b/pdns/misc.cc
@@ -599,14 +599,18 @@ string makeBytesFromHex(const string &in) {
     throw std::range_error("odd number of bytes in hex string");
   }
   string ret;
-  ret.reserve(in.size());
+  ret.reserve(in.size() / 2);
+
   unsigned int num;
-  for (size_t i = 0; i < in.size(); i+=2) {
-    string numStr = in.substr(i, 2);
+  for (size_t i = 0; i < in.size(); i += 2) {
+    const auto numStr = in.substr(i, 2);
     num = 0;
-    sscanf(numStr.c_str(), "%02x", &num);
-    ret.push_back((uint8_t)num);
+    if (sscanf(numStr.c_str(), "%02x", &num) != 1) {
+      throw std::range_error("Invalid value while parsing the hex string '" + in + "'");
+    }
+    ret.push_back(static_cast<uint8_t>(num));
   }
+
   return ret;
 }
 

diff --git a/pdns/test-misc_hh.cc b/pdns/test-misc_hh.cc
index 3dd8f9c0933b235abd75466cb15f20932f8c8334..f5190484096723053a118e829dbd79b73572b8b1 100644 (file)
--- a/pdns/test-misc_hh.cc
+++ b/pdns/test-misc_hh.cc
@@ -387,6 +387,8 @@ BOOST_AUTO_TEST_CASE(test_makeBytesFromHex) {
   BOOST_CHECK_EQUAL(out, "\x12\x34\x56\x78\x90\xab\xcd\xef");
 
   BOOST_CHECK_THROW(makeBytesFromHex("123"), std::range_error);
+
+  BOOST_CHECK_THROW(makeBytesFromHex("1234GG"), std::range_error);
 }
 
 BOOST_AUTO_TEST_SUITE_END()