Merge pull request #1701 from simonvetter/openssl

fix a few undefined behaviour/out of bounds issues
This commit is contained in:
orignal 2021-10-19 18:25:06 -04:00 committed by GitHub
commit 4ce7e192d6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 9 additions and 8 deletions

View file

@ -534,7 +534,7 @@ namespace garlic
LogPrint (eLogError, "Garlic: Can't encode elligator");
return false;
}
memcpy (m_NSREncodedKey, out + offset, 56); // for possible next NSR
memcpy (m_NSREncodedKey, out + offset, 32); // for possible next NSR
memcpy (m_NSRH, m_H, 32);
offset += 32;
// KDF for Reply Key Section

View file

@ -19,7 +19,8 @@ namespace data
Identity& Identity::operator=(const Keys& keys)
{
// copy public and signing keys together
memcpy (publicKey, keys.publicKey, sizeof (publicKey) + sizeof (signingKey));
memcpy (publicKey, keys.publicKey, sizeof (publicKey));
memcpy (signingKey, keys.signingKey, sizeof (signingKey));
memset (certificate, 0, sizeof (certificate));
return *this;
}

View file

@ -66,8 +66,8 @@ namespace data
if (it != m_RouterInfos.end ())
{
// remove own router
m_RouterInfos.erase (it);
m_Floodfills.remove (it->second);
m_RouterInfos.erase (it);
}
// insert own router
m_RouterInfos.emplace (i2p::context.GetIdentHash (), i2p::context.GetSharedRouterInfo ());

View file

@ -185,7 +185,7 @@ namespace transport
auto& incompleteMessage = it->second;
// mark fragment as received
if (fragmentNum < 64)
incompleteMessage->receivedFragmentsBits |= (0x01 << fragmentNum);
incompleteMessage->receivedFragmentsBits |= (uint64_t(0x01) << fragmentNum);
else
LogPrint (eLogWarning, "SSU: Fragment number ", fragmentNum, " exceeds 64");

View file

@ -303,7 +303,7 @@ namespace transport
}
else
{
LogPrint (eLogError, "SSU: Wrong external address ", ourIP.to_string ());
LogPrint (eLogError, "SSU: External address ", ourIP.to_string (), " is in reserved range");
Failed ();
}
}
@ -609,7 +609,7 @@ namespace transport
{
*payload = 16;
payload++; // size
memcpy (payload, to.address ().to_v6 ().to_bytes ().data (), 16); // Alice's IP V6
memcpy (payload, to.address ().to_v6 ().to_bytes ().data (), 16); // Charlie's IP V6
payload += 16; // address
}
htobe16buf (payload, to.port ()); // Charlie's port
@ -703,7 +703,7 @@ namespace transport
if (!i2p::util::net::IsInReservedRange (ourIP))
i2p::context.UpdateAddress (ourIP);
else
LogPrint (eLogWarning, "SSU: Wrong external address ", ourIP.to_string ());
LogPrint (eLogError, "SSU: External address ", ourIP.to_string (), " is in reserved range");
if (ourIP.is_v4 ())
{
if (ourPort != m_Server.GetPort ())
@ -1301,7 +1301,7 @@ namespace transport
ip = boost::asio::ip::address_v6 (bytes);
}
else
LogPrint (eLogWarning, "SSU: Address size ", size, " is not supported");
LogPrint (eLogWarning, "SSU: Address size ", int(size), " is not supported");
buf += size;
port = bufbe16toh (buf);
return s;