Initialise the length fields of the reader struct in decode_message, even if the message is invalid, fixes a crash where the message was too short

2015-08-07 18:58:42 +01:00 · 2015-08-07 18:58:42 +01:00 · a4b2927884
commit a4b2927884
parent 76ecd85c2c
2 changed files with 16 additions and 7 deletions
--- a/src/message.cpp
+++ b/src/message.cpp
@ -204,13 +204,16 @@ void olm::decode_message(
    std::uint8_t const * end = input + input_length - mac_length;
    std::uint8_t const * unknown = nullptr;
    if (pos == end) return;
    reader.version = *(pos++);
    reader.input = input;
    reader.input_length = input_length;
    reader.has_counter = false;
    reader.ratchet_key = nullptr;
    reader.ratchet_key_length = 0;
    reader.ciphertext = nullptr;
    reader.ciphertext_length = 0;
    if (pos == end) return;
    reader.version = *(pos++);
    while (pos != end) {
        pos = decode(
@ -284,12 +287,17 @@ void olm::decode_one_time_key_message(
    std::uint8_t const * end = input + input_length;
    std::uint8_t const * unknown = nullptr;
    reader.one_time_key = nullptr;
    reader.one_time_key_length = 0;
    reader.identity_key = nullptr;
    reader.identity_key_length = 0;
    reader.base_key = nullptr;
    reader.base_key_length = 0;
    reader.message = nullptr;
    reader.message_length = 0;
    if (pos == end) return;
    reader.version = *(pos++);
    reader.one_time_key = nullptr;
    reader.identity_key = nullptr;
    reader.base_key = nullptr;
    reader.message = nullptr;
    while (pos != end) {
        pos = decode(
--- a/tests/test_olm_decrypt.cpp
+++ b/tests/test_olm_decrypt.cpp
@ -3,7 +3,8 @@
 const char * test_cases[] = {
    "41776f",
-    "7fff6f0101346d671201"
+    "7fff6f0101346d671201",
    "ee776f41496f674177804177778041776f6716670a677d6f670a67c2677d",
 };