don't copy LS2 for signature verification

2025-01-22 08:14:15 +00:00 · 2019-01-10 10:57:57 -05:00 · 2019-01-10 10:57:57 -05:00 · 84de7675c4
commit 84de7675c4
parent 6311a80d0e
1 changed files with 6 additions and 5 deletions
--- a/libi2pd/LeaseSet.cpp
+++ b/libi2pd/LeaseSet.cpp
@ -307,11 +307,12 @@ namespace data
 	bool LeaseSet2::VerifySignature (Verifier& verifier, const uint8_t * buf, size_t len, size_t signatureOffset)
 	{
 		if (signatureOffset + verifier->GetSignatureLen () > len) return false;
-		uint8_t * buf1 = new uint8_t[signatureOffset + 1];
-		buf1[0] = m_StoreType;
-		memcpy (buf1 + 1, buf, signatureOffset); // TODO: implement it better
-		bool verified = verifier->Verify (buf1, signatureOffset + 1, buf + signatureOffset); 
-		delete[] buf1;
+		// we assume buf inside DatabaseStore message, so buf[-1] is valid memory
+		// change it for signature verification, and restore back	
+		uint8_t c = buf[-1];
+		const_cast<uint8_t *>(buf)[-1] = m_StoreType;
+		bool verified = verifier->Verify (buf - 1, signatureOffset + 1, buf + signatureOffset); 
+		const_cast<uint8_t *>(buf)[-1] = c;
 		if (!verified)
 			LogPrint (eLogWarning, "LeaseSet2: verification failed");
 		return verified;