[tor-commits] [collector/master] Validate base64 input more carefully before parsing.
karsten at torproject.org
karsten at torproject.org
Fri Sep 30 13:48:49 UTC 2016
commit a66e7d350d54bc1f769f42444f914955781bcc37
Author: Karsten Loesing <karsten.loesing at gmx.net>
Date: Wed Sep 28 17:06:51 2016 +0200
Validate base64 input more carefully before parsing.
---
.../bridgedescs/SanitizedBridgesWriter.java | 10 ++++++++++
.../bridgedescs/SanitizedBridgesWriterTest.java | 23 ++++++++++++++++++++++
2 files changed, 33 insertions(+)
diff --git a/src/main/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriter.java b/src/main/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriter.java
index abec743..d93cd90 100644
--- a/src/main/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriter.java
+++ b/src/main/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriter.java
@@ -479,6 +479,11 @@ public class SanitizedBridgesWriter extends CollecTorMain {
+ "status. Skipping descriptor.");
return;
}
+ if (!Base64.isBase64(parts[2])) {
+ logger.warn("Illegal base64 character in r line '" + parts[2]
+ + "'. Skipping descriptor.");
+ return;
+ }
fingerprintBytes = Base64.decodeBase64(parts[2] + "==");
descPublicationTime = parts[4] + " " + parts[5];
String address = parts[6];
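Review bot: The new warning `logger.warn("Illegal base64 character in r line '" + parts[2]` writes the rejected identity field of a bridge status entry verbatim into the log, and the extra-info-digest hunk further down logs the whole `line`. This class sanitizes bridge descriptors, so the log should probably not carry fields that the sanitized output hashes or omits, and the value is text controlled by whoever produced the descriptor. Logging a fixed message plus a length keeps the diagnostic without the raw value, for example `logger.warn("Illegal base64 character in r line (field length " + parts[2].length() + "). Skipping descriptor.");`. Whether other messages in this method already log raw input is not visible, because the method starts and ends outside the hunk.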
@@ -776,6 +781,11 @@ public class SanitizedBridgesWriter extends CollecTorMain {
scrubbed.append("extra-info-digest " + DigestUtils.shaHex(
Hex.decodeHex(parts[1].toCharArray())).toUpperCase());
if (parts.length > 2) {
+ if (!Base64.isBase64(parts[2])) {
+ logger.warn("Illegal base64 character in extra-info-digest line '"
+ + line + "'. Skipping descriptor.");
+ return;
+ }
scrubbed.append(" " + Base64.encodeBase64String(
DigestUtils.sha256(Base64.decodeBase64(parts[2])))
.replaceAll("=", ""));
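Review bot: `Base64.isBase64(parts[2])` is a character-set check only, so it does not establish that the field is a well-formed digest. Assuming this is the Commons Codec class, it also accepts `=`, whitespace and the URL-safe `-`/`_` characters, and it says nothing about length, so a truncated or overlong value still reaches `Base64.decodeBase64` and is hashed into the sanitized output. If the second field is expected to be a SHA-256 digest, checking the decoded size would close that gap: `byte[] digest = Base64.decodeBase64(parts[2]);` followed by `if (digest.length != 32) { /* warn and skip */ }`. The same applies to `fingerprintBytes` in the r-line hunk, unless its length is checked in the part of the method outside the hunk.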
diff --git a/src/test/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriterTest.java b/src/test/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriterTest.java
index 9f3857f..e248b10 100644
--- a/src/test/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriterTest.java
+++ b/src/test/java/org/torproject/collector/bridgedescs/SanitizedBridgesWriterTest.java
@@ -301,6 +301,18 @@ public class SanitizedBridgesWriterTest {
}
@Test
+ public void testServerDescriptorExtraInfoDigestInvalidBase64()
+ throws Exception {
+ this.defaultServerDescriptorBuilder.replaceLineStartingWith(
+ "extra-info-digest ", Arrays.asList("extra-info-digest "
+ + "6D03E80568DEFA102968D144CB35FFA6E3355B8A "
+ + "#*?$%ยง@nxukmmcT1+UnDg4qh0yKbjVUYKhGL8VksoJA"));
+ this.runTest();
+ assertTrue("Invalid base64 in server descriptor accepted.",
+ this.parsedServerDescriptors.isEmpty());
+ }
+
+ @Test
public void testServerDescriptorExtraInfoDigestSha1Only()
throws Exception {
this.defaultServerDescriptorBuilder.replaceLineStartingWith(
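Review bot: Both new tests feed only illegal characters, so nothing pins down what happens with input that uses the base64 alphabet but is malformed in other ways, such as a truncated value or a stray `=` in the middle. The r-line test in the next hunk also corrupts both base64 fields of the line, while the production check covers only `parts[2]`, so it does not show how a valid identity with an invalid second field is handled. A companion test per case would document the intended behaviour, for instance `testNetworkStatusRlineTruncatedBase64`. The literal in `testServerDescriptorExtraInfoDigestInvalidBase64` also appears to contain a non-ASCII character, which makes the test depend on the source-file encoding; an ASCII-only string or a `\u` escape would avoid that.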
@@ -497,6 +509,17 @@ public class SanitizedBridgesWriterTest {
}
@Test
+ public void testNetworkStatusRlineInvalidBase64() throws Exception {
+ this.defaultNetworkStatusBuilder.replaceLineStartingWith("r ",
+ Arrays.asList("r MeekGoogle R#SnE*e4+lFag:xr_XxSL+J;ZVs "
+ + "g+M7'w+lG$mv6NW9&RmvzLO(R0Y 2016-06-30 21:43:52 "
+ + "198.50.200.131 8008 0"));
+ this.runTest();
+ assertTrue("Should not have accepted invalid base64.",
+ this.parsedNetworkStatuses.isEmpty());
+ }
+
+ @Test
public void testNetworkStatusAlinePortMissing() throws Exception {
this.configuration.setProperty(Key.ReplaceIpAddressesWithHashes.name(),
"true");