[or-cvs] r16309: Limit hidden service descriptor size to 20 kilobytes. (tor/branches/121-hs-authorization/src/or)
kloesing at seul.org
kloesing at seul.org
Thu Jul 31 19:05:25 UTC 2008
Author: kloesing
Date: 2008-07-31 15:05:25 -0400 (Thu, 31 Jul 2008)
New Revision: 16309
Modified:
tor/branches/121-hs-authorization/src/or/or.h
tor/branches/121-hs-authorization/src/or/routerparse.c
Log:
Limit hidden service descriptor size to 20 kilobytes.
Modified: tor/branches/121-hs-authorization/src/or/or.h
===================================================================
--- tor/branches/121-hs-authorization/src/or/or.h 2008-07-31 17:30:18 UTC (rev 16308)
+++ tor/branches/121-hs-authorization/src/or/or.h 2008-07-31 19:05:25 UTC (rev 16309)
@@ -647,6 +647,9 @@
* exchanging client authorization between hidden service and client. */
#define REND_DESC_COOKIE_LEN_BASE64 22
+/** Maximum size of v2 hidden service descriptors. */
+#define REND_DESC_MAX_SIZE 20 * 1024
+
/** Legal characters for use in authorized client names for a hidden
* service. */
#define REND_LEGAL_CLIENTNAME_CHARACTERS \
Modified: tor/branches/121-hs-authorization/src/or/routerparse.c
===================================================================
--- tor/branches/121-hs-authorization/src/or/routerparse.c 2008-07-31 17:30:18 UTC (rev 16308)
+++ tor/branches/121-hs-authorization/src/or/routerparse.c 2008-07-31 19:05:25 UTC (rev 16309)
@@ -3385,6 +3385,13 @@
eos = desc + strlen(desc);
else
eos = eos + 1;
+ /* Check length. */
+ if (strlen(desc) > REND_DESC_MAX_SIZE) {
+ log_warn(LD_REND, "Descriptor length is %i which exceeds "
+ "maximum descriptor size of %i kilobytes.",
+ strlen(desc), REND_DESC_MAX_SIZE);
+ goto err;
+ }
/* Tokenize descriptor. */
area = memarea_new(4096);
if (tokenize_string(area, desc, eos, tokens, desc_token_table, 0)) {
More information about the tor-commits
mailing list