From: Nick Mathewson <nickm@torproject.org>
Date: Fri, 21 Sep 2018 13:35:51 +0000 (-0400)
Subject: Merge branch 'maint-0.3.2' into maint-0.3.3
X-Git-Tag: tor-0.3.3.11~33^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2cadd93cea374664f151e945549b95f0b1f49b00;p=thirdparty%2Ftor.git

Merge branch 'maint-0.3.2' into maint-0.3.3
---

2cadd93cea374664f151e945549b95f0b1f49b00
diff --cc src/or/protover.c
index 5145881ba9,ebaca07ba3..a63c2eb02d
--- a/src/or/protover.c
+++ b/src/or/protover.c
@@@ -203,15 -206,10 +214,20 @@@ parse_single_entry(const char *s, cons
    if (equals == s)
      goto error;
  
 +  /* The name must not be longer than MAX_PROTOCOL_NAME_LENGTH. */
 +  if (equals - s > (int)MAX_PROTOCOL_NAME_LENGTH) {
 +    log_warn(LD_NET, "When parsing a protocol entry, I got a very large "
 +             "protocol name. This is possibly an attack or a bug, unless "
 +             "the Tor network truly supports protocol names larger than "
 +             "%ud characters. The offending string was: %s",
 +             MAX_PROTOCOL_NAME_LENGTH, escaped(out->name));
 +    goto error;
 +  }
++
+   /* The name must contain only alphanumeric characters and hyphens. */
+   if (!is_valid_keyword(s, equals-s))
+     goto error;
+ 
    out->name = tor_strndup(s, equals-s);
  
    tor_assert(equals < end_of_entry);
@@@ -919,5 -791,3 +935,4 @@@ protover_free_all(void
    }
  }
  
 +#endif /* !defined(HAVE_RUST) */
-