More security in TLV analysis

This commit is contained in:
Yohann D'ANELLO 2021-01-01 18:41:01 +01:00
parent b70fbc75d1
commit 88ab6f5c76
Signed by: ynerant
GPG Key ID: 3A75C55819C8CF85
1 changed files with 6 additions and 2 deletions

View File

@ -120,7 +120,7 @@ class PadNTLV(TLV):
def handle(self, squirrel: Any, sender: Any) -> None:
# TODO Add some easter eggs
squirrel.add_system_message(f"I received {self.length} zeros, am I so a bag guy ? :cold_sweat:")
squirrel.add_system_message(f"I received {self.length} zeros, am I so a bad guy ? :cold_sweat:")
@staticmethod
def construct(length: int) -> "PadNTLV":
@ -201,6 +201,11 @@ class NeighbourTLV(TLV):
ip_address: IPv6Address
port: int
def validate_data(self) -> bool:
if not (1 <= self.port <= 65535):
raise ValueError(f"Invalid port received in NeighbourTLV: {self.port}")
return True
def unmarshal(self, raw_data: bytes) -> None:
self.type = raw_data[0]
self.length = raw_data[1]
@ -259,7 +264,6 @@ class DataTLV(TLV):
def handle(self, squirrel: Any, sender: Any) -> None:
"""
A message has been sent. We log it.
TODO: Check that the tuple (sender_id, nonce) is unique to avoid duplicates.
"""
msg = self.data.decode('UTF-8')