Reject Tor versions that contain non-numeric prefixes

strto* and _atoi64 accept +, -, and various whitespace before numeric
characters. And permitted whitespace is different between POSIX and Windows.

Fixes bug 21507 and part of 21508; bugfix on 0.0.8pre1.

diff --git a/changes/bug21507 b/changes/bug21507
new file mode 100644 (file)
index 0000000..f83e291
--- /dev/null
+++ b/changes/bug21507
@@ -0,0 +1,5 @@
+  o Minor bugfixes (voting consistency):
+    - Reject version numbers with non-numeric prefixes (such as +, -, and
+      whitespace). Disallowing whitespace prevents differential version
+      parsing between POSIX-based and Windows platforms.
+      Fixes bug 21507 and part of 21508; bugfix on 0.0.8pre1.

diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 2ee0d2720ee09916f6ef153182917b2c7e756479..521e237be2966778114859a7a7b4e5a92f6b1dd4 100644 (file)
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -5621,6 +5621,8 @@ tor_version_parse(const char *s, tor_version_t *out)
 
 #define NUMBER(m)                               \
   do {                                          \
+    if (!cp || *cp < '0' || *cp > '9')          \
+      return -1;                                \
     out->m = (int)tor_parse_uint64(cp, 10, 0, INT32_MAX, &ok, &eos);    \
     if (!ok)                                    \
       return -1;                                \