diff options
author | Christian Grothoff <christian@grothoff.org> | 2015-10-02 14:52:08 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2015-10-02 14:52:08 +0000 |
commit | 60344e803ae3cd119395e1b975284f00729236b4 (patch) | |
tree | 869e474783ac6210e21a8dc5b18ea4c093e05086 /src/peerinfo/gnunet-service-peerinfo.c | |
parent | 8ec4632f37524d43b9893ca716fdc9ab11b5233c (diff) | |
download | gnunet-60344e803ae3cd119395e1b975284f00729236b4.tar.gz gnunet-60344e803ae3cd119395e1b975284f00729236b4.zip |
-properly verify size, fixes #3991
Diffstat (limited to 'src/peerinfo/gnunet-service-peerinfo.c')
-rw-r--r-- | src/peerinfo/gnunet-service-peerinfo.c | 31 |
1 files changed, 22 insertions, 9 deletions
diff --git a/src/peerinfo/gnunet-service-peerinfo.c b/src/peerinfo/gnunet-service-peerinfo.c index 998cd57d1..e6ba65e40 100644 --- a/src/peerinfo/gnunet-service-peerinfo.c +++ b/src/peerinfo/gnunet-service-peerinfo.c | |||
@@ -365,19 +365,32 @@ read_host_file (const char *fn, | |||
365 | { | 365 | { |
366 | hello = (const struct GNUNET_HELLO_Message *) &buffer[read_pos]; | 366 | hello = (const struct GNUNET_HELLO_Message *) &buffer[read_pos]; |
367 | size_hello = GNUNET_HELLO_size (hello); | 367 | size_hello = GNUNET_HELLO_size (hello); |
368 | if (0 == size_hello) | 368 | if ( (0 == size_hello) || |
369 | (size_total - read_pos < size_hello) ) | ||
370 | { | ||
371 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
372 | _("Failed to parse HELLO in file `%s'\n"), | ||
373 | fn); | ||
374 | if (0 == read_pos) | ||
369 | { | 375 | { |
370 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 376 | if ((GNUNET_YES == unlink_garbage) && |
371 | _("Failed to parse HELLO in file `%s'\n"), | 377 | (0 != UNLINK (fn)) && |
372 | fn); | 378 | (ENOENT != errno) ) |
373 | if ((GNUNET_YES == unlink_garbage) && | 379 | GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, |
374 | (0 != UNLINK (fn)) && | ||
375 | (ENOENT != errno) ) | ||
376 | GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, | ||
377 | "unlink", | 380 | "unlink", |
378 | fn); | 381 | fn); |
379 | return; | ||
380 | } | 382 | } |
383 | else | ||
384 | { | ||
385 | if ((GNUNET_YES == unlink_garbage) && | ||
386 | (0 != TRUNCATE (fn, read_pos)) && | ||
387 | (ENOENT != errno) ) | ||
388 | GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, | ||
389 | "truncate", | ||
390 | fn); | ||
391 | } | ||
392 | return; | ||
393 | } | ||
381 | 394 | ||
382 | now = GNUNET_TIME_absolute_get (); | 395 | now = GNUNET_TIME_absolute_get (); |
383 | hello_clean = GNUNET_HELLO_iterate_addresses (hello, GNUNET_YES, | 396 | hello_clean = GNUNET_HELLO_iterate_addresses (hello, GNUNET_YES, |