dirauth: don't use hardcoded length when parsing digests

When parsing detached signature, we make sure that we use the length of the
digest algorithm instead of an hardcoded DIGEST256_LEN in order to avoid
comparing bytes out of bound with a smaller digest length such as SHA1.

Fixes #19066

Signed-off-by: David Goulet <dgoulet@torproject.org>

diff --git a/changes/bug19066 b/changes/bug19066
new file mode 100644 (file)
index 0000000..c3d1fc7
--- /dev/null
+++ b/changes/bug19066
@@ -0,0 +1,5 @@
+  o Minor bugfixes (directory authority):
+    - When parsing detached signature, make sure we use the length of the
+      digest algorithm instead of an hardcoded DIGEST256_LEN in order to
+      avoid comparing bytes out of bound with a smaller digest length such
+      as SHA1. Fixes #19066; bugfix on tor-0.2.2.6-alpha.

diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 600d55294f9422d630aabd04c2b64811eee7dfd8..e44899f0cf9f9fa00f7d486c27e2f9221882e53f 100644 (file)
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -3505,7 +3505,7 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
     digest_algorithm_t alg;
     const char *flavor;
     const char *hexdigest;
-    size_t expected_length;
+    size_t expected_length, digest_length;
 
     tok = _tok;
 
@@ -3530,6 +3530,8 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
 
     expected_length =
       (alg == DIGEST_SHA1) ? HEX_DIGEST_LEN : HEX_DIGEST256_LEN;
+    digest_length =
+      (alg == DIGEST_SHA1) ? DIGEST_LEN : DIGEST256_LEN;
 
     if (strlen(hexdigest) != expected_length) {
       log_warn(LD_DIR, "Wrong length on consensus-digest in detached "
@@ -3538,12 +3540,12 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
     }
     digests = detached_get_digests(sigs, flavor);
     tor_assert(digests);
-    if (!tor_mem_is_zero(digests->d[alg], DIGEST256_LEN)) {
+    if (!tor_mem_is_zero(digests->d[alg], digest_length)) {
       log_warn(LD_DIR, "Multiple digests for %s with %s on detached "
                "signatures document", flavor, algname);
       continue;
     }
-    if (base16_decode(digests->d[alg], DIGEST256_LEN,
+    if (base16_decode(digests->d[alg], digest_length,
                       hexdigest, strlen(hexdigest)) < 0) {
       log_warn(LD_DIR, "Bad encoding on consensus-digest in detached "
                "networkstatus signatures");