prop250: Pass the dst length to sr_srv_encode()

Signed-off-by: David Goulet <dgoulet@torproject.org>

diff --git a/src/or/shared_random.c b/src/or/shared_random.c
index 23c2b1417cbfee1d747861c10496bb7e809b9af0..8427b680a7fca4b17f0f015d61126609d90dbcb5 100644 (file)
--- a/src/or/shared_random.c
+++ b/src/or/shared_random.c
@@ -437,7 +437,7 @@ generate_srv(const char *hashed_reveals, uint8_t reveal_num,
   {
     /* Debugging. */
     char srv_hash_encoded[SR_SRV_VALUE_BASE64_LEN + 1];
-    sr_srv_encode(srv_hash_encoded, srv);
+    sr_srv_encode(srv_hash_encoded, sizeof(srv_hash_encoded), srv);
     log_debug(LD_DIR, "SR: Generated SRV: %s", srv_hash_encoded);
   }
   return srv;
@@ -504,7 +504,7 @@ srv_to_ns_string(const sr_srv_t *srv, const char *key)
   tor_assert(srv);
   tor_assert(key);
 
-  sr_srv_encode(srv_hash_encoded, srv);
+  sr_srv_encode(srv_hash_encoded, sizeof(srv_hash_encoded), srv);
   tor_asprintf(&srv_str, "%s %d %s\n", key,
                srv->num_reveals, srv_hash_encoded);
   log_debug(LD_DIR, "SR: Consensus SRV line: %s", srv_str);
@@ -839,7 +839,7 @@ get_majority_srv_from_votes(const smartlist_t *votes, int current)
   {
     /* Debugging */
     char encoded[SR_SRV_VALUE_BASE64_LEN + 1];
-    sr_srv_encode(encoded, the_srv);
+    sr_srv_encode(encoded, sizeof(encoded), the_srv);
     log_debug(LD_DIR, "SR: Chosen SRV by majority: %s (%d votes)", encoded,
               count);
   }
@@ -853,7 +853,7 @@ get_majority_srv_from_votes(const smartlist_t *votes, int current)
 /* Encode the given shared random value and put it in dst. Destination
  * buffer must be at least SR_SRV_VALUE_BASE64_LEN plus the NULL byte. */
 void
-sr_srv_encode(char *dst, const sr_srv_t *srv)
+sr_srv_encode(char *dst, size_t dst_len, const sr_srv_t *srv)
 {
   int ret;
   /* Extra byte for the NULL terminated char. */
@@ -861,12 +861,14 @@ sr_srv_encode(char *dst, const sr_srv_t *srv)
 
   tor_assert(dst);
   tor_assert(srv);
+  tor_assert(dst_len >= sizeof(buf));
 
   ret = base64_encode(buf, sizeof(buf), (const char *) srv->value,
                       sizeof(srv->value), 0);
   /* Always expect the full length without the NULL byte. */
   tor_assert(ret == (sizeof(buf) - 1));
-  strlcpy(dst, buf, sizeof(buf));
+  tor_assert(ret <= (int) dst_len);
+  strlcpy(dst, buf, dst_len);
 }
 
 /* Free a commit object. */

diff --git a/src/or/shared_random.h b/src/or/shared_random.h
index f89f47a11bb6106a3d8c42be51be0c59eba76b0a..4b16d26702066d979c50bcf7dba2cc07824261e0 100644 (file)
--- a/src/or/shared_random.h
+++ b/src/or/shared_random.h
@@ -114,7 +114,7 @@ sr_srv_t *sr_parse_srv(const smartlist_t *args);
 char *sr_get_string_for_vote(void);
 char *sr_get_string_for_consensus(const smartlist_t *votes);
 void sr_commit_free(sr_commit_t *commit);
-void sr_srv_encode(char *dst, const sr_srv_t *srv);
+void sr_srv_encode(char *dst, size_t dst_len, const sr_srv_t *srv);
 
 /* Private methods (only used by shared_random_state.c): */
 static inline

diff --git a/src/or/shared_random_state.c b/src/or/shared_random_state.c
index cce0c99939452153e47bffe6d467864900586ddb..705c586ae5866a50631e70c996ca0642cbf9d789 100644 (file)
--- a/src/or/shared_random_state.c
+++ b/src/or/shared_random_state.c
@@ -589,7 +589,7 @@ disk_state_put_srv_line(const sr_srv_t *srv, config_line_t *line)
   if (srv == NULL) {
     return;
   }
-  sr_srv_encode(encoded, srv);
+  sr_srv_encode(encoded, sizeof(encoded), srv);
   tor_asprintf(&line->value, "%d %s", srv->num_reveals, encoded);
 }