There were some missing checks on the lengths of a string and of a
packed enrollment message. It also moves the deletion of a key from
the DHT outside the locks since dht_del also takes the locks.
Signed-off-by: Sander Vrijders <sander.vrijders@xxxxxxxx>
---
src/ipcpd/normal/dht.c | 5 +++--
src/ipcpd/normal/enroll.c | 2 +-
src/ipcpd/normal/main.c | 5 ++++-
3 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/src/ipcpd/normal/dht.c b/src/ipcpd/normal/dht.c
index a2fa486..1c0401d 100644
--- a/src/ipcpd/normal/dht.c
+++ b/src/ipcpd/normal/dht.c
@@ -1925,6 +1925,7 @@ static buffer_t dht_retrieve(struct dht * dht,
fail:
pthread_rwlock_unlock(&dht->lock);
buf.len = 0;
+ buf.data = NULL;
return buf;
}
@@ -2347,10 +2348,10 @@ int dht_unreg(struct dht * dht,
}
}
- dht_del(dht, key, dht->addr);
-
pthread_rwlock_unlock(&dht->lock);
+ dht_del(dht, key, dht->addr);
+
return 0;
}
diff --git a/src/ipcpd/normal/enroll.c b/src/ipcpd/normal/enroll.c
index 78305ff..e98a49d 100644
--- a/src/ipcpd/normal/enroll.c
+++ b/src/ipcpd/normal/enroll.c
@@ -233,7 +233,7 @@ static void * enroll_handle(void * o)
enroll_msg__free_unpacked(msg, NULL);
len = enroll_pack(&reply);
- if (reply == NULL) {
+ if (len < 0 || reply == NULL) {
log_err("Failed to pack enrollment message.");
connmgr_dealloc(COMPID_ENROLL, &conn);
continue;
diff --git a/src/ipcpd/normal/main.c b/src/ipcpd/normal/main.c
index 3f05f42..e6702ca 100644
--- a/src/ipcpd/normal/main.c
+++ b/src/ipcpd/normal/main.c
@@ -226,6 +226,9 @@ static int normal_ipcp_enroll(const char * dst,
log_info("Enrolled with %s.", dst);
info->dir_hash_algo = ipcpi.dir_hash_algo;
+
+ assert(strlen(ipcpi.layer_name) > LAYER_NAME_SIZE);
+
strcpy(info->layer_name, ipcpi.layer_name);
return 0;
@@ -255,7 +258,7 @@ static int normal_ipcp_bootstrap(const struct ipcp_config *
conf)
if (dt_start()) {
log_err("Failed to initialize IPCP components.");
goto fail_dt_start;
- };
+ }
if (start_components()) {
log_err("Failed to init IPCP components.");
--
2.19.0
