From 788a7f234bc9a975b21140cac7a3736bc6806810 Mon Sep 17 00:00:00 2001
From: Dimitris Apostolou <dimitris.apostolou@icloud.com>
Date: Sun, 19 Jan 2025 18:55:06 +0200
Subject: [PATCH] Fix buffer accessed out of bounds

---
 libi2pd/Identity.cpp | 27 ++++++++++++++++++++-------
 1 file changed, 20 insertions(+), 7 deletions(-)

diff --git a/libi2pd/Identity.cpp b/libi2pd/Identity.cpp
index 89bf71d4..0148f530 100644
--- a/libi2pd/Identity.cpp
+++ b/libi2pd/Identity.cpp
@@ -18,20 +18,33 @@ namespace data
 {
 	Identity& Identity::operator=(const Keys& keys)
 	{
+		// Ensure the destination buffers are not accessed out of bounds
+		static_assert(sizeof(publicKey) >= sizeof(keys.publicKey), "publicKey buffer too small");
+		static_assert(sizeof(signingKey) >= sizeof(keys.signingKey), "signingKey buffer too small");
+
 		// copy public and signing keys together
-		memcpy (publicKey, keys.publicKey, sizeof (publicKey));
-		memcpy (signingKey, keys.signingKey, sizeof (signingKey));
-		memset (certificate, 0, sizeof (certificate));
+		memcpy(publicKey, keys.publicKey, sizeof(keys.publicKey));
+		memcpy(signingKey, keys.signingKey, sizeof(keys.signingKey));
+		memset(certificate, 0, sizeof(certificate)); // Clear certificate safely
 		return *this;
 	}
 
-	size_t Identity::FromBuffer (const uint8_t * buf, size_t len)
+	size_t Identity::FromBuffer(const uint8_t* buf, size_t len)
 	{
-		if ( len < DEFAULT_IDENTITY_SIZE ) {
-			// buffer too small, don't overflow
+		if (len < DEFAULT_IDENTITY_SIZE) {
+			// buffer too small, avoid overflow
+			LogPrint(eLogError, "Identity::FromBuffer: Buffer too small, expected at least ", DEFAULT_IDENTITY_SIZE, " bytes");
 			return 0;
 		}
-		memcpy (publicKey, buf, DEFAULT_IDENTITY_SIZE);
+
+		// Copy only up to the size of publicKey and ensure no overflow occurs
+		memcpy(publicKey, buf, sizeof(publicKey));
+
+		// Log or handle unexpected large buffers
+		if (len > DEFAULT_IDENTITY_SIZE) {
+			LogPrint(eLogWarning, "Identity::FromBuffer: Extra data in buffer ignored");
+		}
+
 		return DEFAULT_IDENTITY_SIZE;
 	}
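Review bot: The new `memcpy(publicKey, buf, sizeof(publicKey));` in FromBuffer fills only the publicKey field, yet the function still returns DEFAULT_IDENTITY_SIZE, so signingKey and certificate are no longer read from buf and keep whatever they held before. The removed line copied DEFAULT_IDENTITY_SIZE bytes starting at publicKey, which presumably relied on publicKey, signingKey and certificate being contiguous in the struct; if so, callers now get an identity whose signing key did not come from the input they just parsed. Rather than shrinking the copy, keep the full read and make the layout assumption explicit with `static_assert(sizeof(publicKey) + sizeof(signingKey) + sizeof(certificate) == DEFAULT_IDENTITY_SIZE, "Identity layout mismatch");` followed by one memcpy per field at its offset in buf. The `len > DEFAULT_IDENTITY_SIZE` warning may also fire on normal input if callers pass a buffer that carries further data after the identity, so check the call sites before logging it at warning level.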