author | Mark Haines <mark.haines@matrix.org> | 2015-08-07 18:58:42 +0100 |
---|---|---|
committer | Mark Haines <mark.haines@matrix.org> | 2015-08-07 18:58:42 +0100 |
commit | a4b2927884ded37556ea5009e10fffe12d8a6706 (patch) | |
tree | fb1fede1c6cd2cb04cba27c92716901145080ced /src | |
parent | 76ecd85c2cf4b9b1fb2350774d24860537d1d571 (diff) |
Initialise the length fields of the reader struct in decode_message, even if the message is invalid, fixes a crash where the message was too short
Diffstat (limited to 'src')
-rw-r--r-- | src/message.cpp | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/src/message.cpp b/src/message.cpp
index 8e807fd..ffb9f6c 100644
--- a/src/message.cpp
+++ b/src/message.cpp
@@ -204,13 +204,16 @@ void olm::decode_message(
 std::uint8_t const * end = input + input_length - mac_length;
 std::uint8_t const * unknown = nullptr;
- if (pos == end) return;
- reader.version = *(pos++);
 reader.input = input;
 reader.input_length = input_length;
 reader.has_counter = false;
 reader.ratchet_key = nullptr;
+ reader.ratchet_key_length = 0;
 reader.ciphertext = nullptr;
+ reader.ciphertext_length = 0;
+
+ if (pos == end) return;
+ reader.version = *(pos++);
 while (pos != end) {
 pos = decode(
@@ -284,12 +287,17 @@ void olm::decode_one_time_key_message(
 std::uint8_t const * end = input + input_length;
 std::uint8_t const * unknown = nullptr;
- if (pos == end) return;
- reader.version = *(pos++);
 reader.one_time_key = nullptr;
+ reader.one_time_key_length = 0;
 reader.identity_key = nullptr;
+ reader.identity_key_length = 0;
 reader.base_key = nullptr;
+ reader.base_key_length = 0;
 reader.message = nullptr;
+ reader.message_length = 0;
+
+ if (pos == end) return;
+ reader.version = *(pos++);
 while (pos != end) {
 pos = decode( |
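Review bot: The `if (pos == end) return;` guard in decode_message only catches the case where `input_length` equals `mac_length`; when the input is shorter than the MAC, `end = input + input_length - mac_length` lands before `input`, the equality test fails, and the `while (pos != end)` loop runs over a range that is not inside the buffer. A bounds check ahead of the guard would cover it: `if (input_length < mac_length) return;`. `pos` is initialised above the hunk, so this assumes it starts at `input`. Separately, `reader.version` is still unassigned on the early return, here and in the decode_one_time_key_message hunk, so a caller that inspects it after a too-short message reads whatever the struct held before; adding `reader.version = 0;` to the initialisers would close that. Both function bodies continue outside their hunks.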