Remove (untriggerable) overflow in crypto_random_hostname()

Fixes bug 4413; bugfix on xxxx. Hostname components cannot be larger than 63 characters. This simple check makes certain randlen cannot overflow rand_bytes_len.

Remove (untriggerable) overflow in crypto_random_hostname()

Fixes bug 4413; bugfix on xxxx. Hostname components cannot be larger than 63 characters. This simple check makes certain randlen cannot overflow rand_bytes_len.
Remove (untriggerable) overflow in crypto_random_hostname()
3fadc074 · Stephen Palmateer · Nick Mathewson · 1e5d6699 · 3fadc074 · 3fadc074
Commit 3fadc074 authored 13 years ago by Stephen Palmateer Committed by Nick Mathewson 13 years ago
--- a/changes/bug4413
+++ b/changes/bug4413
+Minor bugfixes:
+    - Check for a potential, however unlikely, integer overflow. Fixes bug 4413; Bugfix on 0.2.3.9-alpha.
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -82,6 +82,9 @@
 #include "sha256.c"
 #define SHA256_Final(a,b) sha256_done(b,a)

+/* Bug 4413*/
+#define MAX_HOSTNAME_SIZE 63
+
 static unsigned char *
 SHA256(const unsigned char *m, size_t len, unsigned char *d)
 {
@@ -2554,7 +2557,12 @@ crypto_random_hostname(int min_rand_len, int max_rand_len, const char *prefix,
  size_t resultlen, prefixlen;

  tor_assert(max_rand_len >= min_rand_len);
+
  randlen = min_rand_len + crypto_rand_int(max_rand_len - min_rand_len + 1);
+  if (randlen > MAX_HOSTNAME_SIZE) {
+    randlen = MAX_HOSTNAME_SIZE;
+  }
+
  prefixlen = strlen(prefix);
  resultlen = prefixlen + strlen(suffix) + randlen + 16;