From: Nick Mathewson Date: Mon, 3 Jan 2011 21:16:53 +0000 (-0500) Subject: Fix up size and sign issues in base32 code X-Git-Tag: tor-0.2.2.21-alpha~7^2~10^2~2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0222228d64bf29a3b9db5a80a557e20c3c360224;p=thirdparty%2Ftor.git Fix up size and sign issues in base32 code Fixes bug 2331. --- diff --git a/changes/bug2331 b/changes/bug2331 new file mode 100644 index 0000000000..df97ac2b45 --- /dev/null +++ b/changes/bug2331 @@ -0,0 +1,6 @@ + o Minor bugfixes: + - Add assertions to check for overflow in arguments to + base32_encode and base32_decode; fix a signed-unsigned + comparison there too. These bugs are actually reachable in Tor, + but it's good to prevent future errors too. Found by doorss. + diff --git a/src/common/crypto.c b/src/common/crypto.c index 65162618a3..71cf6d43d8 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -2412,9 +2412,10 @@ digest256_from_base64(char *digest, const char *d64) void base32_encode(char *dest, size_t destlen, const char *src, size_t srclen) { - unsigned int i, bit, v, u; - size_t nbits = srclen * 8; + unsigned int i, v, u; + size_t nbits = srclen * 8, bit; + tor_assert(srclen < SIZE_T_CEILING/8); tor_assert((nbits%5) == 0); /* We need an even multiple of 5 bits. */ tor_assert((nbits/5)+1 <= destlen); /* We need enough space. */ tor_assert(destlen < SIZE_T_CEILING); @@ -2438,11 +2439,12 @@ base32_decode(char *dest, size_t destlen, const char *src, size_t srclen) { /* XXXX we might want to rewrite this along the lines of base64_decode, if * it ever shows up in the profile. */ - unsigned int i, j, bit; - size_t nbits; + unsigned int i, bit; + size_t nbits, j; char *tmp; nbits = srclen * 5; + tor_assert(srclen < SIZE_T_CEILING / 5); tor_assert((nbits%8) == 0); /* We need an even multiple of 8 bits. */ tor_assert((nbits/8) <= destlen); /* We need enough space. */ tor_assert(destlen < SIZE_T_CEILING);