PurpleI2P/i2pd
1
0
Fork 0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2025-02-02 02:44:15 +00:00
Code Issues Releases Activity

Merge pull request #1016 from majestrate/fix-streaming-overflow

Browse Source 
fix overflow
This commit is contained in:
orignal 2017-11-23 13:54:34 -05:00 committed by GitHub
commit 40cfbc5d61
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
libi2pd/Streaming.cpp
View File

@ -244,16 +244,23 @@ namespace stream
{ {
uint8_t signature[256]; uint8_t signature[256];
auto signatureLen = m_RemoteIdentity->GetSignatureLen (); auto signatureLen = m_RemoteIdentity->GetSignatureLen ();
memcpy (signature, optionData, signatureLen); if(signatureLen <= sizeof(signature))
memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
if (!m_RemoteIdentity->Verify (packet->GetBuffer (), packet->GetLength (), signature))
{ {
LogPrint (eLogError, "Streaming: Signature verification failed, sSID=", m_SendStreamID, ", rSID=", m_RecvStreamID); memcpy (signature, optionData, signatureLen);
Close (); memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
flags |= PACKET_FLAG_CLOSE; if (!m_RemoteIdentity->Verify (packet->GetBuffer (), packet->GetLength (), signature))
{
LogPrint (eLogError, "Streaming: Signature verification failed, sSID=", m_SendStreamID, ", rSID=", m_RecvStreamID);
Close ();
flags |= PACKET_FLAG_CLOSE;
}
memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
optionData += signatureLen;
}
else
{
LogPrint(eLogError, "Streaming: Signature too big, ", signatureLen, " bytes");
} }
memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
optionData += signatureLen;
} }
packet->offset = packet->GetPayload () - packet->buf; packet->offset = packet->GetPayload () - packet->buf;