From: Andre Noll
Date: Sun, 7 May 2023 14:40:26 +0000 (+0200)
Subject: client: Check buffer size returned by apc_priv_decrypt().
X-Git-Url: http://git.tue.mpg.de/?a=commitdiff_plain;h=69c9739b6d9b8f8ec1a9afdd18fa74d386c7ef74;p=paraslash.git

client: Check buffer size returned by apc_priv_decrypt().

The decoded challenge buffer contains the challenge and the two session keys but nothing else. So we know its size up-front and should fail the handshake if the size of the rsa-decrypted buffer differs.
---
diff --git a/client_common.c b/client_common.c
index fe8234f9..32a94492 100644
--- a/client_common.c
+++ b/client_common.c
@@ -342,6 +342,10 @@ static int client_post_monitor(struct sched *s, void *context)
 free(sbb.iov.iov_base);
 if (ret < 0)
 goto out;
+ if (ret != APC_CHALLENGE_SIZE + 2 * SESSION_KEY_LEN) {
+ ret = -E_DECRYPT;
+ goto out;
+ }
 ct->challenge_hash = alloc(HASH2_SIZE);
 if (has_feature("sha256", ct)) {
 hash2_function((char *)crypt_buf, APC_CHALLENGE_SIZE,
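Review bot: The expected length in the added check, `APC_CHALLENGE_SIZE + 2 * SESSION_KEY_LEN`, is an inline expression with no comment tying it to the buffer layout that the code after it relies on. The hashing that follows reads `APC_CHALLENGE_SIZE` bytes from the start of `crypt_buf`, and the session keys are presumably taken from the bytes behind the challenge further down, outside this hunk. A comment above the `if`, such as `/* decrypted buffer must be exactly the challenge plus the two session keys */`, would record why a short or long result has to abort the handshake. If the code that builds the challenge uses the same sum, a shared macro would keep both ends from drifting apart; that code is not visible here. client_post_monitor() starts before and continues past the hunk.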