mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-20 10:12:15 +01:00
Correctly reject packages lines with empty entries
This commit is contained in:
parent
f935ee2dae
commit
bd630a899a
@ -3300,22 +3300,38 @@ validate_recommended_package_line(const char *line)
|
||||
WORD(); /* Skip URL */
|
||||
++cp;
|
||||
|
||||
/* Skip digestname=digestval + */
|
||||
int foundeq = 0;
|
||||
while (*cp) {
|
||||
if (*cp == ' ') {
|
||||
if (!foundeq)
|
||||
return 0;
|
||||
foundeq = 0;
|
||||
} else if (*cp == '=') {
|
||||
if (++foundeq > 1)
|
||||
return 0;
|
||||
}
|
||||
++cp;
|
||||
/* Skip digesttype=digestval + */
|
||||
int n_entries = 0;
|
||||
while (1) {
|
||||
const char *start_of_word = cp;
|
||||
const char *end_of_word = strchr(cp, ' ');
|
||||
if (! end_of_word)
|
||||
end_of_word = cp + strlen(cp);
|
||||
|
||||
if (start_of_word == end_of_word)
|
||||
return 0;
|
||||
|
||||
const char *eq = memchr(start_of_word, '=', end_of_word - start_of_word);
|
||||
|
||||
if (!eq)
|
||||
return 0;
|
||||
if (eq == start_of_word)
|
||||
return 0;
|
||||
if (eq == end_of_word - 1)
|
||||
return 0;
|
||||
if (memchr(eq+1, '=', end_of_word - (eq+1)))
|
||||
return 0;
|
||||
|
||||
++n_entries;
|
||||
if (0 == *end_of_word)
|
||||
break;
|
||||
|
||||
cp = end_of_word + 1;
|
||||
}
|
||||
|
||||
if (!foundeq)
|
||||
if (n_entries == 0)
|
||||
return 0;
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -2961,6 +2961,13 @@ test_dir_packages(void *arg)
|
||||
BAD("tor ");
|
||||
BAD("tor");
|
||||
BAD("");
|
||||
BAD("=foobar sha256="
|
||||
"3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7");
|
||||
BAD("= = sha256="
|
||||
"3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7");
|
||||
|
||||
BAD("sha512= sha256="
|
||||
"3c179f46ca77069a6a0bac70212a9b3b838b2f66129cb52d568837fc79d8fcc7");
|
||||
|
||||
votes = smartlist_new();
|
||||
smartlist_add(votes, tor_malloc_zero(sizeof(networkstatus_t)));
|
||||
|
Loading…
Reference in New Issue
Block a user