Changeset 14155


Timestamp:
Aug 5, 2013, 4:39:43 AM (9 years ago)
Author:
jordan
Message:

(trunk, libT) #5451: 'crash in tr_torrentGetPeerId() during incoming encrypted handshake' -- fixed.

File:
1 edited

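--- a/trunk/libtransmission/handshake.c
+++ b/trunk/libtransmission/handshake.c
@@ -189,31 +189,47 @@
 }
 
-static void
+static bool
 buildHandshakeMessage (tr_handshake * handshake, uint8_t * buf)
 {
-  uint8_t * walk = buf;
-  const uint8_t * torrentHash = tr_cryptoGetTorrentHash (handshake->crypto);
-  tr_torrent * tor = tr_torrentFindFromHash (handshake->session, torrentHash);
-  const unsigned char * peer_id = tr_torrentGetPeerId (tor);
-
-  memcpy (walk, HANDSHAKE_NAME, HANDSHAKE_NAME_LEN);
-  walk += HANDSHAKE_NAME_LEN;
-  memset (walk, 0, HANDSHAKE_FLAGS_LEN);
-  HANDSHAKE_SET_LTEP (walk);
-  HANDSHAKE_SET_FASTEXT (walk);
-
-  /* Note that this doesn't depend on whether the torrent is private.
-   * We don't accept DHT peers for a private torrent,
-   * but we participate in the DHT regardless. */
-  if (tr_dhtEnabled (handshake->session))
-    HANDSHAKE_SET_DHT (walk);
-
-  walk += HANDSHAKE_FLAGS_LEN;
-  memcpy (walk, torrentHash, SHA_DIGEST_LENGTH);
-  walk += SHA_DIGEST_LENGTH;
-  memcpy (walk, peer_id, PEER_ID_LEN);
-  walk += PEER_ID_LEN;
-
-  assert (walk - buf == HANDSHAKE_SIZE);
+  const unsigned char * peer_id = NULL;
+  const uint8_t * torrentHash;
+  tr_torrent * tor;
+  bool success;
+
+  if ((torrentHash = tr_cryptoGetTorrentHash (handshake->crypto)))
+    if ((tor = tr_torrentFindFromHash (handshake->session, torrentHash)))
+      peer_id = tr_torrentGetPeerId (tor);
+
+  if (peer_id == NULL)
+    {
+      success = false;
+    }
+  else
+    {
+      uint8_t * walk = buf;
+
+      memcpy (walk, HANDSHAKE_NAME, HANDSHAKE_NAME_LEN);
+      walk += HANDSHAKE_NAME_LEN;
+      memset (walk, 0, HANDSHAKE_FLAGS_LEN);
+      HANDSHAKE_SET_LTEP (walk);
+      HANDSHAKE_SET_FASTEXT (walk);
+
+      /* Note that this doesn't depend on whether the torrent is private.
+       * We don't accept DHT peers for a private torrent,
+       * but we participate in the DHT regardless. */
+      if (tr_dhtEnabled (handshake->session))
+        HANDSHAKE_SET_DHT (walk);
+
+      walk += HANDSHAKE_FLAGS_LEN;
+      memcpy (walk, torrentHash, SHA_DIGEST_LENGTH);
+      walk += SHA_DIGEST_LENGTH;
+      memcpy (walk, peer_id, PEER_ID_LEN);
+      walk += PEER_ID_LEN;
+
+      assert (walk - buf == HANDSHAKE_SIZE);
+      success = true;
+    }
+
+  return success;
 }
 
@@ -456,5 +472,6 @@
   {
     uint8_t msg[HANDSHAKE_SIZE];
-    buildHandshakeMessage (handshake, msg);
+    if (!buildHandshakeMessage (handshake, msg))
+      return tr_handshakeDone (handshake, false);
 
     evbuffer_add_uint16 (outbuf, sizeof (msg));
@@ -671,5 +688,6 @@
     {
       uint8_t msg[HANDSHAKE_SIZE];
-      buildHandshakeMessage (handshake, msg);
+      if (!buildHandshakeMessage (handshake, msg))
+        return tr_handshakeDone (handshake, false);
       tr_peerIoWriteBytes (handshake->io, msg, sizeof (msg), false);
       handshake->haveSentBitTorrentHandshake = 1;
@@ -921,5 +939,6 @@
   {
     uint8_t msg[HANDSHAKE_SIZE];
-    buildHandshakeMessage (handshake, msg);
+    if (!buildHandshakeMessage (handshake, msg))
+      return tr_handshakeDone (handshake, false);
 
     evbuffer_add (outbuf, msg, sizeof (msg));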
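Review bot: The early returns added at the call sites near new lines 474 and 941 leave the function before `outbuf` is released; both blocks write into `outbuf` on the very next statement, so if it was allocated earlier in those functions (which begin outside the hunks shown) every failed handshake build on a peer-driven path would leak an evbuffer. Consider `if (!buildHandshakeMessage (handshake, msg)) { evbuffer_free (outbuf); return tr_handshakeDone (handshake, false); }` at those two sites; the call at new line 690 writes straight to `handshake->io` and shows no buffer that would need cleanup. Separately, `buildHandshakeMessage` still has no header comment, and its `assert (walk - buf == HANDSHAKE_SIZE)` disappears under NDEBUG, so a comment such as `/* buf must hold HANDSHAKE_SIZE bytes; returns false and leaves buf unwritten when the torrent hash, torrent or peer id is unavailable */` would record the contract the three callers now rely on.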