[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [taler-exchange] 05/06: better logging if IBAN validation f
From: |
gnunet |
Subject: |
[GNUnet-SVN] [taler-exchange] 05/06: better logging if IBAN validation fails, also avoid potentially unbounded stack allocation |
Date: |
Fri, 06 Oct 2017 21:11:44 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository exchange.
commit 06f5621fbac43c59b15fa4ef9e0fe92b828cec5b
Author: Christian Grothoff <address@hidden>
AuthorDate: Fri Oct 6 21:04:39 2017 +0200
better logging if IBAN validation fails, also avoid potentially unbounded
stack allocation
---
src/exchange-lib/exchange_api_reserve.c | 15 ++++++++++++++-
src/wire/plugin_wire_sepa.c | 8 ++++++++
2 files changed, 22 insertions(+), 1 deletion(-)
diff --git a/src/exchange-lib/exchange_api_reserve.c
b/src/exchange-lib/exchange_api_reserve.c
index 40c9d49..6af500e 100644
--- a/src/exchange-lib/exchange_api_reserve.c
+++ b/src/exchange-lib/exchange_api_reserve.c
@@ -827,7 +827,20 @@ reserve_withdraw_payment_required (struct
TALER_EXCHANGE_ReserveWithdrawHandle *
total incoming and outgoing amounts */
len = json_array_size (history);
{
- struct TALER_EXCHANGE_ReserveHistory rhistory[len];
+ struct TALER_EXCHANGE_ReserveHistory *rhistory;
+
+ /* Use heap allocation as "len" may be very big and thus this may
+ not fit on the stack. Use "GNUNET_malloc_large" as a malicious
+ exchange may theoretically try to crash us by giving a history
+ that does not fit into our memory. */
+ rhistory = GNUNET_malloc_large (sizeof (struct
TALER_EXCHANGE_ReserveHistory) * len);
+ if (NULL == rhistory)
+ {
+ GNUNET_break (0);
+ free_rhistory (rhistory,
+ len);
+ return GNUNET_SYSERR;
+ }
if (GNUNET_OK !=
parse_reserve_history (wsh->exchange,
diff --git a/src/wire/plugin_wire_sepa.c b/src/wire/plugin_wire_sepa.c
index f0cef02..5de3472 100644
--- a/src/wire/plugin_wire_sepa.c
+++ b/src/wire/plugin_wire_sepa.c
@@ -292,7 +292,10 @@ validate_iban (const char *iban)
len = strlen (iban);
if (len > 34)
+ {
+ GNUNET_break_op (0);
return GNUNET_NO;
+ }
strncpy (cc, iban, 2);
strncpy (ibancpy, iban + 4, len - 4);
strncpy (ibancpy + len - 4, iban, 4);
@@ -305,7 +308,10 @@ validate_iban (const char *iban)
sizeof (country_table) / sizeof (struct table_entry),
sizeof (struct table_entry),
&cmp_country_code))
+ {
+ GNUNET_break_op (0);
return GNUNET_NO;
+ }
nbuf = GNUNET_malloc ((len * 2) + 1);
for (i=0, j=0; i < len; i++)
{
@@ -338,6 +344,7 @@ validate_iban (const char *iban)
&nread)))
{
GNUNET_free (nbuf);
+ GNUNET_break_op (0);
return GNUNET_NO;
}
if (0 != remainder)
@@ -347,6 +354,7 @@ validate_iban (const char *iban)
GNUNET_free (nbuf);
if (1 == remainder)
return GNUNET_YES;
+ GNUNET_break_op (0); /* checksum wrong */
return GNUNET_NO;
}
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [taler-exchange] branch master updated (85a2d3d -> 800c54b), gnunet, 2017/10/06
- [GNUnet-SVN] [taler-exchange] 06/06: do not potentially pass -1 to fcntl(), gnunet, 2017/10/06
- [GNUnet-SVN] [taler-exchange] 04/06: check return value from TALER_amount_get_zero, gnunet, 2017/10/06
- [GNUnet-SVN] [taler-exchange] 02/06: fix indentation, gnunet, 2017/10/06
- [GNUnet-SVN] [taler-exchange] 01/06: fix signed calls to isalpha/isdigit/isspace etc., gnunet, 2017/10/06
- [GNUnet-SVN] [taler-exchange] 03/06: check return value from TALER_JSON_hash, gnunet, 2017/10/06
- [GNUnet-SVN] [taler-exchange] 05/06: better logging if IBAN validation fails, also avoid potentially unbounded stack allocation,
gnunet <=