[net] Check i2p private key constraints

dergoegge · vasild · dergoegge · commit cf70a8d56510 · 2023-10-26T16:50:50.000+01:00
Co-authored-by: Vasil Dimov &lt;vd@FreeBSD.org&gt;
diff --git a/src/i2p.cpp b/src/i2p.cpp
@@ -351,11 +351,26 @@ Binary Session::MyDestination() const
     static constexpr size_t CERT_LEN_POS = 385;
 
     uint16_t cert_len;
+
+    if (m_private_key.size() < CERT_LEN_POS + sizeof(cert_len)) {
+        throw std::runtime_error(strprintf("The private key is too short (%d < %d)",
+                                           m_private_key.size(),
+                                           CERT_LEN_POS + sizeof(cert_len)));
+    }
+
     memcpy(&cert_len, &m_private_key.at(CERT_LEN_POS), sizeof(cert_len));
     cert_len = be16toh(cert_len);
 
     const size_t dest_len = DEST_LEN_BASE + cert_len;
 
+    if (dest_len > m_private_key.size()) {
+        throw std::runtime_error(strprintf("Certificate length (%d) designates that the private key should "
+                                           "be %d bytes, but it is only %d bytes",
+                                           cert_len,
+                                           dest_len,
+                                           m_private_key.size()));
+    }
+
     return Binary{m_private_key.begin(), m_private_key.begin() + dest_len};
 }
 
