rend_parse_client_keys() prints stack in logs if base64_decode fails
int
rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr)
{
...
char descriptor_cookie_base64[REND_DESC_COOKIE_LEN_BASE64+2+1];
...
/* The size of descriptor_cookie_tmp needs to be REND_DESC_COOKIE_LEN+2,
* because a base64 encoding of length 24 does not fit into 16 bytes in all
* cases. */
if ((base64_decode(descriptor_cookie_tmp, REND_DESC_COOKIE_LEN+2,
tok->args[0], REND_DESC_COOKIE_LEN_BASE64+2+1)
!= REND_DESC_COOKIE_LEN)) {
log_warn(LD_REND, "Descriptor cookie contains illegal characters: "
"%s", descriptor_cookie_base64);
goto err;
}
...descriptor_cookie_base64 was never initialized, so it upon base64_decode() failure, it prints stack garbage to the logs.
Not an important bug, but a bug alright, so I'm putting it here to not forget it.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information