Skip to content
Snippets Groups Projects
Commit 719b5c1d authored by rl1987's avatar rl1987 Committed by Nick Mathewson
Browse files

Avoid out-of-bounds smartlist access in protover_compute_vote()

and contract_protocol_list()
parent c380562a
Branches
No related tags found
No related merge requests found
o Minor bugfixes (hardening):
- Prevent a possible out-of-bounds smartlist read in
protover_compute_vote(). Fixes bug 26196; bugfix on
0.2.9.4-alpha.
......@@ -453,6 +453,10 @@ cmp_single_ent_by_version(const void **a_, const void **b_)
static char *
contract_protocol_list(const smartlist_t *proto_strings)
{
if (smartlist_len(proto_strings) == 0) {
return tor_strdup("");
}
// map from name to list of single-version entries
strmap_t *entry_lists_by_name = strmap_new();
// list of protocol names
......@@ -561,6 +565,10 @@ char *
protover_compute_vote(const smartlist_t *list_of_proto_strings,
int threshold)
{
if (smartlist_len(list_of_proto_strings) == 0) {
return tor_strdup("");
}
smartlist_t *all_entries = smartlist_new();
// First, parse the inputs and break them into singleton entries.
......@@ -587,6 +595,11 @@ protover_compute_vote(const smartlist_t *list_of_proto_strings,
smartlist_free(unexpanded);
} SMARTLIST_FOREACH_END(vote);
if (smartlist_len(all_entries) == 0) {
smartlist_free(all_entries);
return tor_strdup("");
}
// Now sort the singleton entries
smartlist_sort_strings(all_entries);
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment