balsoft/ligo
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

P2p: fix bound checks

Browse Source 
Credit to `tomjack` on freenode.
This commit is contained in:
Grégoire Henry 2017-11-17 01:57:32 +01:00 committed by Grégoire
parent 5e1dee9e97
commit 72c414aaeb
No known key found for this signature in database
GPG Key ID: 5DB4C0A6B218258E
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/node/net/p2p_connection.ml
View File

@ -38,7 +38,7 @@ module Crypto = struct
let header_length = 2 let header_length = 2
let crypto_overhead = 18 (* FIXME import from Sodium.Box. *) let crypto_overhead = 18 (* FIXME import from Sodium.Box. *)
let max_content_length = let max_content_length =
1 lsl (header_length * 8) - crypto_overhead - header_length 1 lsl (header_length * 8) - crypto_overhead
type data = { type data = {
channel_key : Crypto_box.channel_key ; channel_key : Crypto_box.channel_key ;
@ -54,7 +54,7 @@ module Crypto = struct
Crypto_box.fast_box cryptobox_data.channel_key buf local_nonce in Crypto_box.fast_box cryptobox_data.channel_key buf local_nonce in
let encrypted_len = MBytes.length encrypted_message in let encrypted_len = MBytes.length encrypted_message in
fail_unless fail_unless
(encrypted_len < max_content_length) (encrypted_len < 1 lsl (header_length * 8))
Invalid_message_size >>=? fun () -> Invalid_message_size >>=? fun () ->
MBytes.set_int16 header_buf 0 encrypted_len ; MBytes.set_int16 header_buf 0 encrypted_len ;
P2p_io_scheduler.write fd header_buf >>=? fun () -> P2p_io_scheduler.write fd header_buf >>=? fun () ->