[tor-commits] [tor/release-0.3.0] Reject Tor versions that contain non-numeric prefixes
nickm at torproject.org
nickm at torproject.org
Wed Jun 28 18:04:02 UTC 2017
commit 57154e71aa3b0ff205f2700e97f0ffe4531e1330
Author: teor <teor2345 at gmail.com>
Date: Sun Feb 19 22:38:06 2017 +1100
Reject Tor versions that contain non-numeric prefixes
strto* and _atoi64 accept +, -, and various whitespace before numeric
characters. And permitted whitespace is different between POSIX and Windows.
Fixes bug 21507 and part of 21508; bugfix on 0.0.8pre1.
---
changes/bug21507 | 5 +++++
src/or/routerparse.c | 2 ++
2 files changed, 7 insertions(+)
diff --git a/changes/bug21507 b/changes/bug21507
new file mode 100644
index 0000000..f83e291
--- /dev/null
+++ b/changes/bug21507
@@ -0,0 +1,5 @@
+ o Minor bugfixes (voting consistency):
+ - Reject version numbers with non-numeric prefixes (such as +, -, and
+ whitespace). Disallowing whitespace prevents differential version
+ parsing between POSIX-based and Windows platforms.
+ Fixes bug 21507 and part of 21508; bugfix on 0.0.8pre1.
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 2ee0d27..521e237 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -5621,6 +5621,8 @@ tor_version_parse(const char *s, tor_version_t *out)
#define NUMBER(m) \
do { \
+ if (!cp || *cp < '0' || *cp > '9') \
+ return -1; \
out->m = (int)tor_parse_uint64(cp, 10, 0, INT32_MAX, &ok, &eos); \
if (!ok) \
return -1; \
More information about the tor-commits
mailing list