Add function to validate HS descriptor ID

Signed-off-by: David Goulet <dgoulet@ev0ke.net>

diff --git a/src/or/control.c b/src/or/control.c
index b4d671bea84ec2bab5c757e4e37a5628a8c6220c..313532432a192282a602539b709e3f5c96f7bc76 100644 (file)
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -3284,7 +3284,7 @@ handle_control_hsfetch(control_connection_t *conn, uint32_t len,
   if (rend_valid_service_id(arg1)) {
     hsaddress = arg1;
   } else if (strcmpstart(arg1, v2_str) == 0 &&
-             strlen(arg1 + v2_str_len) == REND_DESC_ID_V2_LEN_BASE32 &&
+             rend_valid_descriptor_id(arg1 + v2_str_len) &&
              base32_decode(digest, sizeof(digest), arg1 + v2_str_len,
                            REND_DESC_ID_V2_LEN_BASE32) == 0) {
     /* We have a well formed version 2 descriptor ID. Keep the decoded value

diff --git a/src/or/directory.c b/src/or/directory.c
index 37a46fc1265c699989b760e3308aadef7298d596..bad1f62153be6d363ff3e1fb2636499ced10eaaf 100644 (file)
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -3094,7 +3094,7 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
     /* Handle v2 rendezvous descriptor fetch request. */
     const char *descp;
     const char *query = url + strlen("/tor/rendezvous2/");
-    if (strlen(query) == REND_DESC_ID_V2_LEN_BASE32) {
+    if (rend_valid_descriptor_id(query)) {
       log_info(LD_REND, "Got a v2 rendezvous descriptor request for ID '%s'",
                safe_str(escaped(query)));
       switch (rend_cache_lookup_v2_desc_as_dir(query, &descp)) {

diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index 95d16f13625a7de2fba8446947b8e1b42a01595a..49827459beed129d62f127e968e5c25fb027dc8c 100644 (file)
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -919,6 +919,24 @@ rend_valid_service_id(const char *query)
   return 1;
 }
 
+/** Return true iff <b>query</b> is a syntactically valid descriptor ID.
+ * (as generated by rend_get_descriptor_id_bytes). */
+int
+rend_valid_descriptor_id(const char *query)
+{
+  if (strlen(query) != REND_DESC_ID_V2_LEN_BASE32) {
+    goto invalid;
+  }
+  if (strspn(query, BASE32_CHARS) != REND_DESC_ID_V2_LEN_BASE32) {
+    goto invalid;
+  }
+
+  return 1;
+
+invalid:
+  return 0;
+}
+
 /** Lookup in the client cache the given service ID <b>query</b> for
  * <b>version</b>.
  *

diff --git a/src/or/rendcommon.h b/src/or/rendcommon.h
index f4f2051890decdc5a253bdeb0e2c699f8074e841..b86cdb7fa6b59caa8a8c0525ab9a3d4f7742d9c5 100644 (file)
--- a/src/or/rendcommon.h
+++ b/src/or/rendcommon.h
@@ -37,6 +37,7 @@ void rend_cache_clean_v2_descs_as_dir(time_t now, size_t min_to_remove);
 void rend_cache_purge(void);
 void rend_cache_free_all(void);
 int rend_valid_service_id(const char *query);
+int rend_valid_descriptor_id(const char *query);
 int rend_cache_lookup_entry(const char *query, int version,
                             rend_cache_entry_t **entry_out);
 int rend_cache_lookup_v2_desc_as_dir(const char *query, const char **desc);

diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index fd3971c5875548463cddd09be7e6a08f141bd62a..14d5f75e359c8b1e11c923a0fbd1600f30b8d22f 100644 (file)
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -4572,8 +4572,7 @@ rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out,
   tok = find_by_keyword(tokens, R_RENDEZVOUS_SERVICE_DESCRIPTOR);
   tor_assert(tok == smartlist_get(tokens, 0));
   tor_assert(tok->n_args == 1);
-  if (strlen(tok->args[0]) != REND_DESC_ID_V2_LEN_BASE32 ||
-      strspn(tok->args[0], BASE32_CHARS) != REND_DESC_ID_V2_LEN_BASE32) {
+  if (!rend_valid_descriptor_id(tok->args[0])) {
     log_warn(LD_REND, "Invalid descriptor ID: '%s'", tok->args[0]);
     goto err;
   }