[tor-commits] [metrics-lib/release] Fix NPE when parsing invalid crypto blocks.
karsten at torproject.org
karsten at torproject.org
Wed Jan 15 21:46:57 UTC 2020
commit d6e9a0d75eb70500aa05097e3d09f4c77d37ddbb
Author: Karsten Loesing <karsten.loesing at gmx.net>
Date: Wed Nov 20 17:19:44 2019 +0100
Fix NPE when parsing invalid crypto blocks.
---
CHANGELOG.md | 4 ++++
.../descriptor/impl/DirectoryKeyCertificateImpl.java | 4 ++++
.../org/torproject/descriptor/impl/DirectorySignatureImpl.java | 4 ++++
.../torproject/descriptor/impl/ExtraInfoDescriptorImpl.java | 4 ++++
.../org/torproject/descriptor/impl/MicrodescriptorImpl.java | 4 ++++
.../org/torproject/descriptor/impl/RelayDirectoryImpl.java | 8 ++++++++
.../org/torproject/descriptor/impl/RelayNetworkStatusImpl.java | 8 ++++++++
.../torproject/descriptor/impl/RelayNetworkStatusVoteImpl.java | 4 ++++
.../org/torproject/descriptor/impl/ServerDescriptorImpl.java | 4 ++++
.../descriptor/impl/ExtraInfoDescriptorImplTest.java | 10 ++++++++++
.../torproject/descriptor/impl/ServerDescriptorImplTest.java | 10 ++++++++++
11 files changed, 64 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1cf59e0..568f115 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
# Changes in version 2.?.? - 2019-1?-??
+ * Minor changes
+ - Fix a NullPointerException when parsing an invalid crypto block
+ starting with "-----END " rather than "-----BEGIN ".
+
# Changes in version 2.9.1 - 2019-11-09
diff --git a/src/main/java/org/torproject/descriptor/impl/DirectoryKeyCertificateImpl.java b/src/main/java/org/torproject/descriptor/impl/DirectoryKeyCertificateImpl.java
index a9268ce..8ae1ed7 100644
--- a/src/main/java/org/torproject/descriptor/impl/DirectoryKeyCertificateImpl.java
+++ b/src/main/java/org/torproject/descriptor/impl/DirectoryKeyCertificateImpl.java
@@ -80,6 +80,10 @@ public class DirectoryKeyCertificateImpl extends DescriptorImpl
crypto.append(line).append(NL);
break;
case CRYPTO_END:
+ if (null == crypto) {
+ throw new DescriptorParseException(Key.CRYPTO_END + " before "
+ + Key.CRYPTO_BEGIN);
+ }
crypto.append(line).append(NL);
String cryptoString = crypto.toString();
crypto = null;
diff --git a/src/main/java/org/torproject/descriptor/impl/DirectorySignatureImpl.java b/src/main/java/org/torproject/descriptor/impl/DirectorySignatureImpl.java
index 6430e7f..248d546 100644
--- a/src/main/java/org/torproject/descriptor/impl/DirectorySignatureImpl.java
+++ b/src/main/java/org/torproject/descriptor/impl/DirectorySignatureImpl.java
@@ -70,6 +70,10 @@ public class DirectorySignatureImpl implements DirectorySignature {
crypto.append(line).append(NL);
break;
case CRYPTO_END:
+ if (null == crypto) {
+ throw new DescriptorParseException(Key.CRYPTO_END + " before "
+ + Key.CRYPTO_BEGIN);
+ }
crypto.append(line).append(NL);
String cryptoString = crypto.toString();
crypto = null;
diff --git a/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java b/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java
index 7053ced..17ac6e5 100644
--- a/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java
+++ b/src/main/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImpl.java
@@ -242,6 +242,10 @@ public abstract class ExtraInfoDescriptorImpl extends DescriptorImpl
cryptoLines.add(line);
break;
case CRYPTO_END:
+ if (null == cryptoLines) {
+ throw new DescriptorParseException(Key.CRYPTO_END + " before "
+ + Key.CRYPTO_BEGIN);
+ }
cryptoLines.add(line);
StringBuilder sb = new StringBuilder();
for (String cryptoLine : cryptoLines) {
diff --git a/src/main/java/org/torproject/descriptor/impl/MicrodescriptorImpl.java b/src/main/java/org/torproject/descriptor/impl/MicrodescriptorImpl.java
index dc9795c..47028bd 100644
--- a/src/main/java/org/torproject/descriptor/impl/MicrodescriptorImpl.java
+++ b/src/main/java/org/torproject/descriptor/impl/MicrodescriptorImpl.java
@@ -71,6 +71,10 @@ public class MicrodescriptorImpl extends DescriptorImpl
crypto.append(line).append(NL);
break;
case CRYPTO_END:
+ if (null == crypto) {
+ throw new DescriptorParseException(Key.CRYPTO_END + " before "
+ + Key.CRYPTO_BEGIN);
+ }
crypto.append(line).append(NL);
String cryptoString = crypto.toString();
crypto = null;
diff --git a/src/main/java/org/torproject/descriptor/impl/RelayDirectoryImpl.java b/src/main/java/org/torproject/descriptor/impl/RelayDirectoryImpl.java
index 6370e87..55303d2 100644
--- a/src/main/java/org/torproject/descriptor/impl/RelayDirectoryImpl.java
+++ b/src/main/java/org/torproject/descriptor/impl/RelayDirectoryImpl.java
@@ -125,6 +125,10 @@ public class RelayDirectoryImpl extends DescriptorImpl
crypto.append(line).append(NL);
break;
case CRYPTO_END:
+ if (null == crypto) {
+ throw new DescriptorParseException(Key.CRYPTO_END + " before "
+ + Key.CRYPTO_BEGIN);
+ }
crypto.append(line).append(NL);
String cryptoString = crypto.toString();
crypto = null;
@@ -215,6 +219,10 @@ public class RelayDirectoryImpl extends DescriptorImpl
crypto.append(line).append(NL);
break;
case CRYPTO_END:
+ if (null == crypto) {
+ throw new DescriptorParseException(Key.CRYPTO_END + " before "
+ + Key.CRYPTO_BEGIN);
+ }
crypto.append(line).append(NL);
String cryptoString = crypto.toString();
crypto = null;
diff --git a/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusImpl.java b/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusImpl.java
index 11cc631..1af9503 100644
--- a/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusImpl.java
+++ b/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusImpl.java
@@ -81,6 +81,10 @@ public class RelayNetworkStatusImpl extends NetworkStatusImpl
crypto.append(line).append(NL);
break;
case CRYPTO_END:
+ if (null == crypto) {
+ throw new DescriptorParseException(Key.CRYPTO_END + " before "
+ + Key.CRYPTO_BEGIN);
+ }
crypto.append(line).append(NL);
String cryptoString = crypto.toString();
crypto = null;
@@ -130,6 +134,10 @@ public class RelayNetworkStatusImpl extends NetworkStatusImpl
crypto.append(line).append(NL);
break;
case CRYPTO_END:
+ if (null == crypto) {
+ throw new DescriptorParseException(Key.CRYPTO_END + " before "
+ + Key.CRYPTO_BEGIN);
+ }
crypto.append(line).append(NL);
String cryptoString = crypto.toString();
crypto = null;
diff --git a/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusVoteImpl.java b/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusVoteImpl.java
index bb71842..8e83b83 100644
--- a/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusVoteImpl.java
+++ b/src/main/java/org/torproject/descriptor/impl/RelayNetworkStatusVoteImpl.java
@@ -186,6 +186,10 @@ public class RelayNetworkStatusVoteImpl extends NetworkStatusImpl
crypto.append(line).append(NL);
break;
case CRYPTO_END:
+ if (null == crypto) {
+ throw new DescriptorParseException(Key.CRYPTO_END + " before "
+ + Key.CRYPTO_BEGIN);
+ }
crypto.append(line).append(NL);
String cryptoString = crypto.toString();
crypto = null;
diff --git a/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java b/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java
index 995909c..7102335 100644
--- a/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java
+++ b/src/main/java/org/torproject/descriptor/impl/ServerDescriptorImpl.java
@@ -181,6 +181,10 @@ public abstract class ServerDescriptorImpl extends DescriptorImpl
cryptoLines.add(line);
break;
case CRYPTO_END:
+ if (null == cryptoLines) {
+ throw new DescriptorParseException(Key.CRYPTO_END + " before "
+ + Key.CRYPTO_BEGIN);
+ }
cryptoLines.add(line);
StringBuilder sb = new StringBuilder();
for (String cryptoLine : cryptoLines) {
diff --git a/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java b/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java
index c90207a..4aa2008 100644
--- a/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java
+++ b/src/test/java/org/torproject/descriptor/impl/ExtraInfoDescriptorImplTest.java
@@ -2244,6 +2244,16 @@ public class ExtraInfoDescriptorImplTest {
}
@Test
+ public void testEd25519IdentityInvalidCrypto()
+ throws DescriptorParseException {
+ this.thrown.expect(DescriptorParseException.class);
+ this.thrown.expectMessage("CRYPTO_END before CRYPTO_BEGIN");
+ DescriptorBuilder.createWithEd25519Lines("identity-ed25519\n"
+ + "-----END ED25519 CERT-----\n-----BEGIN ED25519 CERT-----",
+ MASTER_KEY_ED25519_LINE, ROUTER_SIG_ED25519_LINE);
+ }
+
+ @Test
public void testEd25519MasterKeyMissing()
throws DescriptorParseException {
ExtraInfoDescriptor descriptor =
diff --git a/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java b/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java
index cd0b5dd..bd1d1d2 100644
--- a/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java
+++ b/src/test/java/org/torproject/descriptor/impl/ServerDescriptorImplTest.java
@@ -1826,6 +1826,16 @@ public class ServerDescriptorImplTest {
}
@Test
+ public void testEd25519IdentityInvalidCrypto()
+ throws DescriptorParseException {
+ this.thrown.expect(DescriptorParseException.class);
+ this.thrown.expectMessage("CRYPTO_END before CRYPTO_BEGIN");
+ DescriptorBuilder.createWithEd25519Lines("identity-ed25519\n"
+ + "-----END ED25519 CERT-----\n-----BEGIN ED25519 CERT-----",
+ MASTER_KEY_ED25519_LINE, ROUTER_SIG_ED25519_LINE);
+ }
+
+ @Test
public void testEd25519MasterKeyMissing()
throws DescriptorParseException {
ServerDescriptor descriptor =
More information about the tor-commits
mailing list