premiere
/
premiere-libtorrent
2
2
Fork 1
Code Issues Pull Requests Releases Wiki Activity

fix out-of-bounds read in bdecode 

Fixes #2099
This commit is contained in:
Steven Siloti 2017-06-23 21:19:31 -07:00 committed by Arvid Norberg
parent 77cc2b4eea
commit ec30a5e9ec
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/bdecode.cpp
View File

@ -839,6 +839,7 @@ namespace libtorrent
boost::int64_t len = t - '0';
char const* str_start = start;
++start;
if (start >= end) TORRENT_FAIL_BDECODE(bdecode_errors::unexpected_eof);
bdecode_errors::error_code_enum e = bdecode_errors::no_error;
start = parse_int(start, end, ':', len, e);
if (e)

6
test/test_bdecode.cpp
View File

@ -459,10 +459,10 @@ TORRENT_TEST(unepected_eof)
printf("%s\n", print_entry(e).c_str());
}
// test unexpected EOF (really expected terminator)
// test unexpected EOF in string length
TORRENT_TEST(unepected_eof2)
{
char b[] = "l2:..0"; // expected terminating 'e' instead of '0'
char b[] = "l2:..0"; // expected ':' delimiter instead of EOF
bdecode_node e;
error_code ec;
@ -470,7 +470,7 @@ TORRENT_TEST(unepected_eof2)
int ret = bdecode(b, b + sizeof(b)-1, e, ec, &pos);
TEST_EQUAL(ret, -1);
TEST_EQUAL(pos, 6);
TEST_EQUAL(ec, error_code(bdecode_errors::expected_colon));
TEST_EQUAL(ec, error_code(bdecode_errors::unexpected_eof));
printf("%s\n", print_entry(e).c_str());
}