Skip to content

Commit

Permalink
[net] Check i2p private key constraints
Browse files Browse the repository at this point in the history
Co-authored-by: Vasil Dimov <vd@FreeBSD.org>
  • Loading branch information
dergoegge and vasild committed Oct 26, 2023
1 parent 106ab20 commit cf70a8d
Showing 1 changed file with 15 additions and 0 deletions.
15 changes: 15 additions & 0 deletions src/i2p.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -351,11 +351,26 @@ Binary Session::MyDestination() const
static constexpr size_t CERT_LEN_POS = 385;

uint16_t cert_len;

if (m_private_key.size() < CERT_LEN_POS + sizeof(cert_len)) {
throw std::runtime_error(strprintf("The private key is too short (%d < %d)",
m_private_key.size(),
CERT_LEN_POS + sizeof(cert_len)));
}

memcpy(&cert_len, &m_private_key.at(CERT_LEN_POS), sizeof(cert_len));
cert_len = be16toh(cert_len);

const size_t dest_len = DEST_LEN_BASE + cert_len;

if (dest_len > m_private_key.size()) {
throw std::runtime_error(strprintf("Certificate length (%d) designates that the private key should "
"be %d bytes, but it is only %d bytes",
cert_len,
dest_len,
m_private_key.size()));
}

return Binary{m_private_key.begin(), m_private_key.begin() + dest_len};
}

Expand Down

0 comments on commit cf70a8d

Please sign in to comment.