[net] Check i2p private key constraints

Co-authored-by: Vasil Dimov <vd@FreeBSD.org> GitHub-Pull: #28695 Rebased-From: cf70a8d56510a5f07eff0fd773184cae14b2dcc9
author: dergoegge <n.goeggi@gmail.com> 2023-10-26 16:50:02 +0100
committer: fanquake <fanquake@gmail.com> 2023-10-31 17:07:52 +0000
commit: 1f11784aac33c4d6aa5beccec19e6ff025808b24 (patch)
tree: fe8826473be8f2ab60b631ccf14580d46b29c130 /src
parent: 6544ffa01fc1f219817e8c22b5d1d44ea2efa465 (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/src/i2p.cpp b/src/i2p.cpp
index 05a5dde396..685b43ba18 100644
--- a/src/i2p.cpp
+++ b/src/i2p.cpp
@@ -384,11 +384,26 @@ Binary Session::MyDestination() const
     static constexpr size_t CERT_LEN_POS = 385;
 
     uint16_t cert_len;
+
+    if (m_private_key.size() < CERT_LEN_POS + sizeof(cert_len)) {
+        throw std::runtime_error(strprintf("The private key is too short (%d < %d)",
+                                           m_private_key.size(),
+                                           CERT_LEN_POS + sizeof(cert_len)));
+    }
+
     memcpy(&cert_len, &m_private_key.at(CERT_LEN_POS), sizeof(cert_len));
     cert_len = be16toh(cert_len);
 
     const size_t dest_len = DEST_LEN_BASE + cert_len;
 
+    if (dest_len > m_private_key.size()) {
+        throw std::runtime_error(strprintf("Certificate length (%d) designates that the private key should "
+                                           "be %d bytes, but it is only %d bytes",
+                                           cert_len,
+                                           dest_len,
+                                           m_private_key.size()));
+    }
+
     return Binary{m_private_key.begin(), m_private_key.begin() + dest_len};
 }
author	dergoegge <n.goeggi@gmail.com>	2023-10-26 16:50:02 +0100
committer	fanquake <fanquake@gmail.com>	2023-10-31 17:07:52 +0000
commit	1f11784aac33c4d6aa5beccec19e6ff025808b24 (patch)
tree	fe8826473be8f2ab60b631ccf14580d46b29c130 /src
parent	6544ffa01fc1f219817e8c22b5d1d44ea2efa465 (diff)