From f6afd4efa6c24fab8ace710fc0eac4c8811b93dd Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 18 Apr 2012 23:02:09 -0400 Subject: Fix a log-uninitialized-buffer bug. Fix for 5647; bugfix on 0.2.1.5-alpha. --- changes/bug5647 | 4 ++++ src/or/routerparse.c | 3 +-- 2 files changed, 5 insertions(+), 2 deletions(-) create mode 100644 changes/bug5647 diff --git a/changes/bug5647 b/changes/bug5647 new file mode 100644 index 000000000..92f41c855 --- /dev/null +++ b/changes/bug5647 @@ -0,0 +1,4 @@ + o Major bugfixes: + - Avoid logging uninitialized data when unable to decode a hidden + service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha. + diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 322a2b571..8c4f582c0 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -5056,7 +5056,6 @@ rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr) while (!strcmpstart(current_entry, "client-name ")) { rend_authorized_client_t *parsed_entry; size_t len; - char descriptor_cookie_base64[REND_DESC_COOKIE_LEN_BASE64+2+1]; char descriptor_cookie_tmp[REND_DESC_COOKIE_LEN+2]; /* Determine end of string. */ const char *eos = strstr(current_entry, "\nclient-name "); @@ -5125,7 +5124,7 @@ rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr) tok->args[0], REND_DESC_COOKIE_LEN_BASE64+2+1) != REND_DESC_COOKIE_LEN)) { log_warn(LD_REND, "Descriptor cookie contains illegal characters: " - "%s", descriptor_cookie_base64); + "%s", escaped(tok->args[0])); goto err; } memcpy(parsed_entry->descriptor_cookie, descriptor_cookie_tmp, -- cgit v1.2.3