[Pkg-privacy-commits] [obfs4proxy] 38/151: Validate that the padding length is greater than the minimum.

Ximin Luo infinity0 at moszumanska.debian.org
Sat Aug 22 12:59:37 UTC 2015


This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch master
in repository obfs4proxy.

commit 8a431a64cb6eb05addc8d0373ebf7f4e5bc683e7
Author: Yawning Angel <yawning at schwanenlied.me>
Date:   Fri May 16 03:12:12 2014 +0000

    Validate that the padding length is greater than the minimum.
---
 handshake_ntor.go | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/handshake_ntor.go b/handshake_ntor.go
index 38d8728..80a9698 100644
--- a/handshake_ntor.go
+++ b/handshake_ntor.go
@@ -169,8 +169,8 @@ func (hs *clientHandshake) parseServerHandshake(resp []byte) (int, []byte, error
 	}
 
 	// Attempt to find the mark + MAC.
-	pos := findMark(hs.serverMark, resp,
-		ntor.RepresentativeLength+ntor.AuthLength, serverMaxHandshakeLength)
+	pos := findMark(hs.serverMark, resp, ntor.RepresentativeLength+ntor.AuthLength+serverMinPadLength,
+		serverMaxHandshakeLength)
 	if pos == -1 {
 		if len(resp) >= serverMaxHandshakeLength {
 			return 0, nil, ErrInvalidHandshake
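Review bot: The new start offset in parseServerHandshake encodes the wire layout (representative, auth tag, then at least serverMinPadLength bytes of padding), but the comment above it still says only `// Attempt to find the mark + MAC.`. A mark that appears before that offset is now ignored, so an under-padded response appears to be handled like an incomplete one until len(resp) reaches serverMaxHandshakeLength. That is worth stating in the comment, for example `// Skip Y, AUTH and the minimum padding; a mark found earlier is not valid.`. The branch for a short buffer lies outside the hunk, so the incomplete-response reading is inferred.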
@@ -243,7 +243,7 @@ func (hs *serverHandshake) parseClientHandshake(resp []byte) ([]byte, error) {
 	}
 
 	// Attempt to find the mark + MAC.
-	pos := findMark(hs.clientMark, resp, ntor.RepresentativeLength,
+	pos := findMark(hs.clientMark, resp, ntor.RepresentativeLength+clientMinPadLength,
 		serverMaxHandshakeLength)
 	if pos == -1 {
 		if len(resp) >= clientMaxHandshakeLength {
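Review bot: In parseClientHandshake the search is bounded by `serverMaxHandshakeLength`, while the give-up test two lines later compares against `clientMaxHandshakeLength`. The line was touched by this commit but the bound was left as is. If the two constants are equal this is harmless. If they ever differ, the window scanned for the client mark and the threshold that rejects the handshake disagree, and a peer-controlled buffer could be rejected too early or scanned past the intended limit. Passing `clientMaxHandshakeLength)` as the last argument would keep both checks on the same limit. The constant definitions are not visible here.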
@@ -352,6 +352,9 @@ func findMark(mark, buf []byte, startPos, maxPos int) int {
 	if endPos > maxPos {
 		endPos = maxPos
 	}
+	if startPos > len(buf) {
+		return -1
+	}
 
 	// XXX: bytes.Index() uses a naive search, which kind of sucks.
 	pos := bytes.Index(buf[startPos:endPos], mark)
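Review bot: The added guard in findMark compares startPos with len(buf), but the slice expression below uses the clamped endPos, so `buf[startPos:endPos]` can still panic if a caller passes maxPos smaller than startPos. The current callers pass constants where that presumably cannot happen. Since buf is filled from the network, a panic here would take down the connection handler, so the guard should cover the bounds that are actually used: `if startPos > endPos { return -1 }`. That also covers the len(buf) case, assuming endPos starts as len(buf), which is set above the hunk. A short comment on the guard would help, for example `// Not enough data yet to contain the mark at a valid offset.`.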

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/obfs4proxy.git


