[or-cvs] r15652: Validate service name in HidServAuth config. (tor/branches/121-hs-authorization/src/or)
kloesing at seul.org
kloesing at seul.org
Fri Jul 4 13:59:19 UTC 2008
Author: kloesing
Date: 2008-07-04 09:59:18 -0400 (Fri, 04 Jul 2008)
New Revision: 15652
Modified:
tor/branches/121-hs-authorization/src/or/rendclient.c
Log:
Validate service name in HidServAuth config.
Modified: tor/branches/121-hs-authorization/src/or/rendclient.c
===================================================================
--- tor/branches/121-hs-authorization/src/or/rendclient.c 2008-07-04 08:26:56 UTC (rev 15651)
+++ tor/branches/121-hs-authorization/src/or/rendclient.c 2008-07-04 13:59:18 UTC (rev 15652)
@@ -781,6 +781,7 @@
smartlist_t *sl = smartlist_create();
rend_service_authorization_t *auth = NULL;
int res = 0;
+ size_t len;
tor_assert(config_line);
smartlist_split_string(sl, config_line, " ",
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
@@ -794,6 +795,15 @@
service_name = smartlist_get(sl, 0);
auth = tor_malloc_zero(sizeof(rend_service_authorization_t));
auth->service_name = strdup(smartlist_get(sl, 0));
+ len = strlen(auth->service_name);
+ if (len < 1 || len > 19 ||
+ strspn(auth->service_name, REND_LEGAL_CLIENTNAME_CHARACTERS) != len) {
+ log_warn(LD_CONFIG, "HidServAuth contains an illegal service name: "
+ "'%s'. (Length must be between 1 and 19, and "
+ "valid characters are [A-Za-z0-9+-_].)",
+ auth->service_name);
+ goto free;
+ }
if (auth_hid_servs && strmap_get(auth_hid_servs, auth->service_name)) {
log_warn(LD_CONFIG, "Duplicate service name for configuration line: "
"'%s'", auth->service_name);
More information about the tor-commits
mailing list