check identity buffer size

10 years ago · 4c8d85870b
3 changed files with 19 additions and 5 deletions
--- a/AddressBook.cpp
+++ b/AddressBook.cpp
@ -188,7 +188,8 @@ namespace client
 		}	
 		// if not .b32 we assume full base64 address
 		i2p::data::IdentityEx dest;
-		dest.FromBase64 (address); 
+		if (!dest.FromBase64 (address))
 			return false;
 		ident = dest.GetIdentHash ();
 		return true;
 	}
--- a/Identity.cpp
+++ b/Identity.cpp
@ -157,14 +157,27 @@ namespace data
 	size_t IdentityEx::FromBuffer (const uint8_t * buf, size_t len)
 	{
 		if (len < DEFAULT_IDENTITY_SIZE)
 		{
 			LogPrint (eLogError, "Identity buffer length ", len, " is too small");
 			return 0;
 		}	
 		memcpy (&m_StandardIdentity, buf, DEFAULT_IDENTITY_SIZE);
 		delete[] m_ExtendedBuffer;
 		if (m_StandardIdentity.certificate.length)
 		{
 			m_ExtendedLen = be16toh (m_StandardIdentity.certificate.length);
-			m_ExtendedBuffer = new uint8_t[m_ExtendedLen];
+			if (m_ExtendedLen + DEFAULT_IDENTITY_SIZE <= len)
-			memcpy (m_ExtendedBuffer, buf + DEFAULT_IDENTITY_SIZE, m_ExtendedLen);
+			{	
 				m_ExtendedBuffer = new uint8_t[m_ExtendedLen];
 				memcpy (m_ExtendedBuffer, buf + DEFAULT_IDENTITY_SIZE, m_ExtendedLen);
 			}	
 			else
 			{
 				LogPrint (eLogError, "Certificate length ", m_ExtendedLen, " exceeds buffer length ", len - DEFAULT_IDENTITY_SIZE);
 				return 0;
 			}	
 		}		
 		else
 		{
--- a/base64.cpp
+++ b/base64.cpp
@ -79,7 +79,7 @@ namespace data
 		     outCount = 4*n;
 		else
 		     outCount = 4*(n+1);
-		if (outCount > len) return -1;
+		if (outCount > len) return 0;
 		pd = (unsigned char *)OutBuffer;
 		for ( i = 0; i<n; i++ ){
 		     acc_1 = *ps++;
@ -158,7 +158,7 @@ namespace data
 		     outCount = 3*n;
 		else {
 		     outCount = 0;
-		     return -1;
+		     return 0;
 		}
 		ps = (unsigned char *)(InBuffer + InCount - 1);