libaacs | branch: master | npzacs <npz...@gmail.com> | Sun Oct 20 12:47:08 2013 +0300| [d1fd10278917322c195c1669ce1b8dab893372b9] | committer: npzacs
keydb.cfg: validate key length > http://git.videolan.org/gitweb.cgi/libaacs.git/?a=commit;h=d1fd10278917322c195c1669ce1b8dab893372b9 --- src/file/keydbcfg-parser.y | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/src/file/keydbcfg-parser.y b/src/file/keydbcfg-parser.y index 2f1f087..a7a3a8b 100644 --- a/src/file/keydbcfg-parser.y +++ b/src/file/keydbcfg-parser.y @@ -555,6 +555,12 @@ static dk_list *add_dk_list_entry(dk_list *list, char *key, char *node) return NULL; } + if (strlen(key) != 32) { + fprintf(stderr, "ignoring bad DK entry %s\n", key); + X_FREE(key); + return list; + } + list->key = key; list->node = strtoul(node, NULL, 16); list->next = new_dk_list(); @@ -581,6 +587,12 @@ static pk_list *add_pk_list_entry(pk_list *list, char *key) return NULL; } + if (strlen(key) != 32) { + fprintf(stderr, "ignoring bad PK entry %s\n", key); + X_FREE(key); + return list; + } + list->key = key; list->next = new_pk_list(); @@ -612,6 +624,19 @@ static cert_list *add_cert_list(cert_list *list, char *host_priv_key, return NULL; } + if (strlen(host_priv_key) != 40) { + fprintf(stderr, "ignoring bad private key entry %s\n", host_priv_key); + X_FREE(host_priv_key); + X_FREE(host_cert); + return list; + } + if (strlen(host_cert) != 184) { + fprintf(stderr, "ignoring bad certificate entry %s\n", host_cert); + X_FREE(host_priv_key); + X_FREE(host_cert); + return list; + } + list->host_priv_key = host_priv_key; list->host_cert = host_cert; @@ -635,6 +660,13 @@ title_entry_list *new_title_entry_list(void) return list; } +#define CHECK_KEY_LENGTH(name, len) \ + if (strlen(entry) != len) { \ + fprintf(stderr, "Ignoring bad "name" entry %s\n", entry); \ + X_FREE(entry); \ + break; \ + } + /* Function to add standard string entries to a config entry */ static int add_entry(title_entry_list *list, int type, char *entry) { @@ -647,6 +679,7 @@ static int add_entry(title_entry_list *list, int type, char *entry) switch (type) { case ENTRY_TYPE_DISCID: + CHECK_KEY_LENGTH("discid", 20) X_FREE(list->entry.discid); list->entry.discid = entry; break; @@ -658,16 +691,19 @@ static int add_entry(title_entry_list *list, int type, char *entry) break; case ENTRY_TYPE_MEK: + CHECK_KEY_LENGTH("mek", 16) X_FREE(list->entry.mek); list->entry.mek = entry; break; case ENTRY_TYPE_VID: + CHECK_KEY_LENGTH("vid", 16) X_FREE(list->entry.vid); list->entry.vid = entry; break; case ENTRY_TYPE_VUK: + CHECK_KEY_LENGTH("vuk", 16) X_FREE(list->entry.vuk); list->entry.vuk = entry; break; _______________________________________________ libaacs-devel mailing list libaacs-devel@videolan.org https://mailman.videolan.org/listinfo/libaacs-devel
