authorChristian Grothoff <christian@grothoff.org>2024-04-21 09:28:33 +0200
committerChristian Grothoff <christian@grothoff.org>2024-04-21 09:28:33 +0200
commit75695e6416dce7f4eb2ba42d78e87e7f79e41c51 (patch)
treec1382bf00bd1e549afbd8fe76296c99ebac6e64a /src/lib/anastasis_recovery.c
parente0175bb4e1f0980deeffc24f575210c40ca0e2c3 (diff)
fix #8659 in anastasis.git
Diffstat (limited to 'src/lib/anastasis_recovery.c')
-rw-r--r--src/lib/anastasis_recovery.c119
1 files changed, 80 insertions, 39 deletions
diff --git a/src/lib/anastasis_recovery.c b/src/lib/anastasis_recovery.c
index f164c93..41f35a5 100644
--- a/src/lib/anastasis_recovery.c
+++ b/src/lib/anastasis_recovery.c
@@ -782,13 +782,11 @@ policy_lookup_cb (void *cls,
json_dumpf (recovery_document,
stderr,
0);
- json_decref (recovery_document);
r->csc (r->csc_cls,
ANASTASIS_RS_POLICY_MALFORMED_JSON,
NULL,
0);
- ANASTASIS_recovery_abort (r);
- return;
+ goto cleanup;
}
if (NULL != secret_name)
{
@@ -799,19 +797,37 @@ policy_lookup_cb (void *cls,
}
}
+ if ( (json_array_size (esc_methods) > UINT_MAX) ||
+ (json_array_size (dec_policies) > UINT_MAX) )
+ {
+ GNUNET_break_op (0);
+ r->csc (r->csc_cls,
+ ANASTASIS_RS_POLICY_DOWNLOAD_TOO_BIG,
+ NULL,
+ 0);
+ goto cleanup;
+ }
+
r->ri.version = dd->details.ok.version;
- r->ri.cs_len = json_array_size (esc_methods);
- r->ri.dps_len = json_array_size (dec_policies);
- r->ri.dps = GNUNET_new_array (r->ri.dps_len,
- struct ANASTASIS_DecryptionPolicy *);
- r->dps = GNUNET_new_array (r->ri.dps_len,
- struct DecryptionPolicy);
- r->solved_challenges = GNUNET_new_array (r->ri.cs_len,
- struct ANASTASIS_Challenge *);
- r->ri.cs = GNUNET_new_array (r->ri.cs_len,
- struct ANASTASIS_Challenge *);
- r->cs = GNUNET_new_array (r->ri.cs_len,
- struct ANASTASIS_Challenge);
+ r->ri.cs_len
+ = (unsigned int) json_array_size (esc_methods);
+ r->ri.dps_len
+ = (unsigned int) json_array_size (dec_policies);
+ r->ri.dps
+ = GNUNET_new_array (r->ri.dps_len,
+ struct ANASTASIS_DecryptionPolicy *);
+ r->dps
+ = GNUNET_new_array (r->ri.dps_len,
+ struct DecryptionPolicy);
+ r->solved_challenges
+ = GNUNET_new_array (r->ri.cs_len,
+ struct ANASTASIS_Challenge *);
+ r->ri.cs
+ = GNUNET_new_array (r->ri.cs_len,
+ struct ANASTASIS_Challenge *);
+ r->cs
+ = GNUNET_new_array (r->ri.cs_len,
+ struct ANASTASIS_Challenge);
for (unsigned int i = 0; i < r->ri.cs_len; i++)
{
struct ANASTASIS_Challenge *cs = &r->cs[i];
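Review bot: The new `> UINT_MAX` guard ahead of the `r->ri.cs_len` and `r->ri.dps_len` assignments stops the size_t count from being truncated, but it is not a resource limit: any count up to UINT_MAX still reaches the five `GNUNET_new_array` calls below, and both counts come from the downloaded recovery document. If GNUNET's allocator aborts on oversized requests (I believe it does; please confirm), a document with very many entries would terminate the client instead of producing an error status through `r->csc`. Consider reading each size once into a `size_t` local and comparing it against a protocol-level maximum, e.g. `if ( (n_cs > MAX_ESCROW_METHODS) || (n_dps > MAX_POLICIES) )`, where both names are placeholders for limits this page does not define. The same bound-by-UINT_MAX pattern is used for `uuids` later in this function and in the `parse_cs_array` and `parse_dps_array` hunks. `policy_lookup_cb` starts and ends outside this hunk.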
@@ -849,9 +865,7 @@ policy_lookup_cb (void *cls,
ANASTASIS_RS_POLICY_MALFORMED_JSON,
NULL,
0);
- ANASTASIS_recovery_abort (r);
- json_decref (recovery_document);
- return;
+ goto cleanup;
}
cs->url = GNUNET_strdup (url);
cs->type = GNUNET_strdup (escrow_type);
@@ -890,15 +904,23 @@ policy_lookup_cb (void *cls,
ANASTASIS_RS_POLICY_MALFORMED_JSON,
NULL,
0);
- ANASTASIS_recovery_abort (r);
- json_decref (recovery_document);
- return;
+ goto cleanup;
}
GNUNET_assert (NULL != dp->emk);
GNUNET_assert (dp->emk_size > 0);
- dp->pub_details.challenges_length = json_array_size (uuids);
+ if (json_array_size (uuids) > UINT_MAX)
+ {
+ GNUNET_break_op (0);
+ r->csc (r->csc_cls,
+ ANASTASIS_RS_POLICY_MALFORMED_JSON,
+ NULL,
+ 0);
+ goto cleanup;
+ }
+ dp->pub_details.challenges_length
+ = (unsigned int) json_array_size (uuids);
dp->pub_details.challenges
= GNUNET_new_array (dp->pub_details.challenges_length,
struct ANASTASIS_Challenge *);
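Review bot: The oversize check on `json_array_size (uuids)` reports `ANASTASIS_RS_POLICY_MALFORMED_JSON`, while the equivalent check on `esc_methods` and `dec_policies` earlier in the same function reports `ANASTASIS_RS_POLICY_DOWNLOAD_TOO_BIG`. Unless the difference is intentional, callers of `r->csc` get two different statuses for the same condition, which makes the failure harder to diagnose; using `ANASTASIS_RS_POLICY_DOWNLOAD_TOO_BIG,` here would match. If the distinction is deliberate, a short comment such as `/* per-policy overflow is treated as a malformed document */` would record why. The enclosing loop and function begin outside this hunk.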
@@ -921,9 +943,7 @@ policy_lookup_cb (void *cls,
ANASTASIS_RS_POLICY_MALFORMED_JSON,
NULL,
0);
- ANASTASIS_recovery_abort (r);
- json_decref (recovery_document);
- return;
+ goto cleanup;
}
for (unsigned int i = 0; i<r->ri.cs_len; i++)
{
@@ -942,15 +962,17 @@ policy_lookup_cb (void *cls,
ANASTASIS_RS_POLICY_MALFORMED_JSON,
NULL,
0);
- ANASTASIS_recovery_abort (r);
- json_decref (recovery_document);
- return;
+ goto cleanup;
}
}
}
r->pc (r->pc_cls,
&r->ri);
json_decref (recovery_document);
+ return;
+cleanup:
+ ANASTASIS_recovery_abort (r);
+ json_decref (recovery_document);
}
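Review bot: The new `cleanup:` label carries an undocumented contract: every `goto cleanup` site in this commit first reports the failure through `r->csc`, and only then does the label call `ANASTASIS_recovery_abort (r)` and drop the document reference. A comment directly above the label would keep later error paths from jumping there without notifying the caller, for example `/* error exit: r->csc() was already invoked with the failure status; free r and the parsed document */`. It would also help to state there that the `csc` callback must not itself abort the recovery, since this path calls `ANASTASIS_recovery_abort (r)` afterwards; whether that is already guaranteed cannot be seen from this page. `policy_lookup_cb` begins outside this hunk.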
@@ -1126,16 +1148,23 @@ parse_cs_array (struct ANASTASIS_Recovery *r,
const json_t *cs_arr)
{
json_t *cs;
- unsigned int n_index;
+ size_t n_index;
if (! json_is_array (cs_arr))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
- r->ri.cs_len = json_array_size (cs_arr);
- r->solved_challenges = GNUNET_new_array (r->ri.cs_len,
- struct ANASTASIS_Challenge *);
+ if (json_array_size (cs_arr) > UINT_MAX)
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
+ r->ri.cs_len
+ = (unsigned int) json_array_size (cs_arr);
+ r->solved_challenges
+ = GNUNET_new_array (r->ri.cs_len,
+ struct ANASTASIS_Challenge *);
r->ri.cs = GNUNET_new_array (r->ri.cs_len,
struct ANASTASIS_Challenge *);
r->cs = GNUNET_new_array (r->ri.cs_len,
@@ -1212,14 +1241,20 @@ parse_dps_array (struct ANASTASIS_Recovery *r,
const json_t *dps_arr)
{
json_t *dps;
- unsigned int n_index;
+ size_t n_index;
if (! json_is_array (dps_arr))
{
GNUNET_break_op (0);
return GNUNET_SYSERR;
}
- r->ri.dps_len = json_array_size (dps_arr);
+ if (json_array_size (dps_arr) > UINT_MAX)
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
+ r->ri.dps_len
+ = (unsigned int) json_array_size (dps_arr);
r->dps = GNUNET_new_array (r->ri.dps_len,
struct DecryptionPolicy);
r->ri.dps = GNUNET_new_array (r->ri.dps_len,
@@ -1259,14 +1294,20 @@ parse_dps_array (struct ANASTASIS_Recovery *r,
}
GNUNET_assert (NULL != dp->emk);
GNUNET_assert (dp->emk_size > 0);
- dp->pub_details.challenges_length = json_array_size (challenges);
- dp->pub_details.challenges = GNUNET_new_array (
- dp->pub_details.challenges_length,
- struct ANASTASIS_Challenge *);
+ if (json_array_size (challenges) > UINT_MAX)
+ {
+ GNUNET_break_op (0);
+ return GNUNET_SYSERR;
+ }
+ dp->pub_details.challenges_length
+ = (unsigned int) json_array_size (challenges);
+ dp->pub_details.challenges
+ = GNUNET_new_array (dp->pub_details.challenges_length,
+ struct ANASTASIS_Challenge *);
{
json_t *challenge;
- unsigned int c_index;
+ size_t c_index;
json_array_foreach (challenges, c_index, challenge)
{
struct ANASTASIS_CRYPTO_TruthUUIDP uuid;