Skip to content

Commit

Permalink
Merge pull request PurpleI2P#1016 from majestrate/fix-streaming-overflow
Browse files Browse the repository at this point in the history 
fix overflow
  • Loading branch information
@orignal
orignal authored Nov 23, 2017
2 parents 492d71a + ffad1ec commit 40cfbc5
Showing 1 changed file with 15 additions and 8 deletions.
23 changes: 15 additions & 8 deletions libi2pd/Streaming.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -244,16 +244,23 @@ namespace stream
{
uint8_t signature[256];
auto signatureLen = m_RemoteIdentity->GetSignatureLen ();
memcpy (signature, optionData, signatureLen);
memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
if (!m_RemoteIdentity->Verify (packet->GetBuffer (), packet->GetLength (), signature))
if(signatureLen <= sizeof(signature))
{
LogPrint (eLogError, "Streaming: Signature verification failed, sSID=", m_SendStreamID, ", rSID=", m_RecvStreamID);
Close ();
flags |= PACKET_FLAG_CLOSE;
memcpy (signature, optionData, signatureLen);
memset (const_cast<uint8_t *>(optionData), 0, signatureLen);
if (!m_RemoteIdentity->Verify (packet->GetBuffer (), packet->GetLength (), signature))
{
LogPrint (eLogError, "Streaming: Signature verification failed, sSID=", m_SendStreamID, ", rSID=", m_RecvStreamID);
Close ();
flags |= PACKET_FLAG_CLOSE;
}
memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
optionData += signatureLen;
}
else
{
LogPrint(eLogError, "Streaming: Signature too big, ", signatureLen, " bytes");
}
memcpy (const_cast<uint8_t *>(optionData), signature, signatureLen);
optionData += signatureLen;
}

packet->offset = packet->GetPayload () - packet->buf;
Expand Down

0 comments on commit 40cfbc5

Please sign in to comment.