Browse Source

Merge pull request #1701 from simonvetter/openssl

fix a few undefined behaviour/out of bounds issues
pull/1703/head
orignal 3 years ago committed by GitHub
parent
commit
4ce7e192d6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      libi2pd/ECIESX25519AEADRatchetSession.cpp
  2. 3
      libi2pd/Identity.cpp
  3. 2
      libi2pd/NetDb.cpp
  4. 2
      libi2pd/SSUData.cpp
  5. 8
      libi2pd/SSUSession.cpp

2
libi2pd/ECIESX25519AEADRatchetSession.cpp

@ -534,7 +534,7 @@ namespace garlic
LogPrint (eLogError, "Garlic: Can't encode elligator"); LogPrint (eLogError, "Garlic: Can't encode elligator");
return false; return false;
} }
memcpy (m_NSREncodedKey, out + offset, 56); // for possible next NSR memcpy (m_NSREncodedKey, out + offset, 32); // for possible next NSR
memcpy (m_NSRH, m_H, 32); memcpy (m_NSRH, m_H, 32);
offset += 32; offset += 32;
// KDF for Reply Key Section // KDF for Reply Key Section

3
libi2pd/Identity.cpp

@ -19,7 +19,8 @@ namespace data
Identity& Identity::operator=(const Keys& keys) Identity& Identity::operator=(const Keys& keys)
{ {
// copy public and signing keys together // copy public and signing keys together
memcpy (publicKey, keys.publicKey, sizeof (publicKey) + sizeof (signingKey)); memcpy (publicKey, keys.publicKey, sizeof (publicKey));
memcpy (signingKey, keys.signingKey, sizeof (signingKey));
memset (certificate, 0, sizeof (certificate)); memset (certificate, 0, sizeof (certificate));
return *this; return *this;
} }

2
libi2pd/NetDb.cpp

@ -66,8 +66,8 @@ namespace data
if (it != m_RouterInfos.end ()) if (it != m_RouterInfos.end ())
{ {
// remove own router // remove own router
m_RouterInfos.erase (it);
m_Floodfills.remove (it->second); m_Floodfills.remove (it->second);
m_RouterInfos.erase (it);
} }
// insert own router // insert own router
m_RouterInfos.emplace (i2p::context.GetIdentHash (), i2p::context.GetSharedRouterInfo ()); m_RouterInfos.emplace (i2p::context.GetIdentHash (), i2p::context.GetSharedRouterInfo ());

2
libi2pd/SSUData.cpp

@ -185,7 +185,7 @@ namespace transport
auto& incompleteMessage = it->second; auto& incompleteMessage = it->second;
// mark fragment as received // mark fragment as received
if (fragmentNum < 64) if (fragmentNum < 64)
incompleteMessage->receivedFragmentsBits |= (0x01 << fragmentNum); incompleteMessage->receivedFragmentsBits |= (uint64_t(0x01) << fragmentNum);
else else
LogPrint (eLogWarning, "SSU: Fragment number ", fragmentNum, " exceeds 64"); LogPrint (eLogWarning, "SSU: Fragment number ", fragmentNum, " exceeds 64");

8
libi2pd/SSUSession.cpp

@ -303,7 +303,7 @@ namespace transport
} }
else else
{ {
LogPrint (eLogError, "SSU: Wrong external address ", ourIP.to_string ()); LogPrint (eLogError, "SSU: External address ", ourIP.to_string (), " is in reserved range");
Failed (); Failed ();
} }
} }
@ -609,7 +609,7 @@ namespace transport
{ {
*payload = 16; *payload = 16;
payload++; // size payload++; // size
memcpy (payload, to.address ().to_v6 ().to_bytes ().data (), 16); // Alice's IP V6 memcpy (payload, to.address ().to_v6 ().to_bytes ().data (), 16); // Charlie's IP V6
payload += 16; // address payload += 16; // address
} }
htobe16buf (payload, to.port ()); // Charlie's port htobe16buf (payload, to.port ()); // Charlie's port
@ -703,7 +703,7 @@ namespace transport
if (!i2p::util::net::IsInReservedRange (ourIP)) if (!i2p::util::net::IsInReservedRange (ourIP))
i2p::context.UpdateAddress (ourIP); i2p::context.UpdateAddress (ourIP);
else else
LogPrint (eLogWarning, "SSU: Wrong external address ", ourIP.to_string ()); LogPrint (eLogError, "SSU: External address ", ourIP.to_string (), " is in reserved range");
if (ourIP.is_v4 ()) if (ourIP.is_v4 ())
{ {
if (ourPort != m_Server.GetPort ()) if (ourPort != m_Server.GetPort ())
@ -1301,7 +1301,7 @@ namespace transport
ip = boost::asio::ip::address_v6 (bytes); ip = boost::asio::ip::address_v6 (bytes);
} }
else else
LogPrint (eLogWarning, "SSU: Address size ", size, " is not supported"); LogPrint (eLogWarning, "SSU: Address size ", int(size), " is not supported");
buf += size; buf += size;
port = bufbe16toh (buf); port = bufbe16toh (buf);
return s; return s;

Loading…
Cancel
Save