ynerant/squinnondation
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Ensure that a DataTLV is not too long

Browse Source 
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
This commit is contained in:
Yohann D'ANELLO
2020-12-21 16:04:13 +01:00
parent b96ff488e7
commit 7a25d24ba3
3 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
squinnondation/messages.py
View File

@ -183,6 +183,11 @@ class DataTLV(TLV):
nonce: int
data: bytes
def validate_data(self) -> bool:
if len(self.data) >= 256 - 4 - 8:
raise ValueError("The data is too long, the length is larger that one byte.")
return True
def unmarshal(self, raw_data: bytes) -> None:
self.type = raw_data[0]
self.length = raw_data[1]
@ -305,7 +310,7 @@ class Packet:
raise ValueError("The magic code of the packet must be 95, found: {:d}".format(self.magic))
if self.version != 0:
raise ValueError("The version of the packet is not supported: {:d}".format(self.version))
if not (0 <= self.body_length <= 120):
if not (0 <= self.body_length <= 1200):
raise ValueError("The body length of the packet is negative or too high. It must be between 0 and 1020,"
"found: {:d}".format(self.body_length))
return all(tlv.validate_data() for tlv in self.body)