From: Alberto Leiva Popper Date: Wed, 18 Dec 2024 21:58:54 +0000 (-0600) Subject: Check manifest fileList emptiness before shuffling X-Git-Tag: 1.6.5~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=17f095210553182b0e0a28ee6fd41b0d3c8fc1d3;p=thirdparty%2FFORT-validator.git Check manifest fileList emptiness before shuffling Prevents the loop iterating indefinitely trying to shuffle an array that's not actually there. Fixes #154 and new CVE. --- diff --git a/src/object/manifest.c b/src/object/manifest.c index 50e0d4fa..b5d4a94e 100644 --- a/src/object/manifest.c +++ b/src/object/manifest.c @@ -181,23 +181,16 @@ validate_manifest(struct Manifest *manifest) return 0; } -static int -build_rpp(struct Manifest *mft, struct rpki_uri *notif, - struct rpki_uri *mft_uri, struct rpp **pp) +/* Requires list->count > 0 */ +static void +shuffle_file_list(struct Manifest *mft) { - char const *tal; - unsigned int i, j; - struct FileAndHash *fah, *tmpfah; - struct rpki_uri *uri; - int error; unsigned int seed, rnd; + unsigned int i, j; + struct FileAndHash *tmpfah; seed = time(NULL) ^ getpid(); - *pp = rpp_create(); - - tal = tal_get_file_name(validation_tal(state_retrieve())); - /* Fisher-Yates shuffle with modulo bias */ for (i = 0; i < mft->fileList.list.count - 1; i++) { rnd = rand_r(&seed); @@ -206,6 +199,25 @@ build_rpp(struct Manifest *mft, struct rpki_uri *notif, mft->fileList.list.array[j] = mft->fileList.list.array[i]; mft->fileList.list.array[i] = tmpfah; } +} + +static int +build_rpp(struct Manifest *mft, struct rpki_uri *notif, + struct rpki_uri *mft_uri, struct rpp **pp) +{ + char const *tal; + unsigned int i; + struct FileAndHash *fah; + struct rpki_uri *uri; + int error; + + if (mft->fileList.list.count == 0) + return pr_val_err("Manifest's file list is empty."); + + shuffle_file_list(mft); + + *pp = rpp_create(); + tal = tal_get_file_name(validation_tal(state_retrieve())); for (i = 0; i < mft->fileList.list.count; i++) { fah = mft->fileList.list.array[i];