Browse Source

Merge pull request #1016 from majestrate/fix-streaming-overflow

fix overflow
pull/1019/head
orignal 7 years ago committed by GitHub
parent
commit
40cfbc5d61
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 23
      libi2pd/Streaming.cpp

23
libi2pd/Streaming.cpp

@ -244,16 +244,23 @@ namespace stream
{ {
uint8_t signature[256]; uint8_t signature[256];
auto signatureLen = m_RemoteIdentity->GetSignatureLen (); auto signatureLen = m_RemoteIdentity->GetSignatureLen ();
memcpy (signature, optionData, signatureLen); if(signatureLen <= sizeof(signature))
memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
if (!m_RemoteIdentity->Verify (packet->GetBuffer (), packet->GetLength (), signature))
{ {
LogPrint (eLogError, "Streaming: Signature verification failed, sSID=", m_SendStreamID, ", rSID=", m_RecvStreamID); memcpy (signature, optionData, signatureLen);
Close (); memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
flags |= PACKET_FLAG_CLOSE; if (!m_RemoteIdentity->Verify (packet->GetBuffer (), packet->GetLength (), signature))
{
LogPrint (eLogError, "Streaming: Signature verification failed, sSID=", m_SendStreamID, ", rSID=", m_RecvStreamID);
Close ();
flags |= PACKET_FLAG_CLOSE;
}
memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
optionData += signatureLen;
}
else
{
LogPrint(eLogError, "Streaming: Signature too big, ", signatureLen, " bytes");
} }
memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
optionData += signatureLen;
} }
packet->offset = packet->GetPayload () - packet->buf; packet->offset = packet->GetPayload () - packet->buf;

Loading…
Cancel
Save