| author | Yawning Angel <yawning@schwanenlied.me> | 2014-05-16 03:12:12 +0000 | 
|---|---|---|
| committer | Yawning Angel <yawning@schwanenlied.me> | 2014-05-16 03:12:12 +0000 | 
| commit | 8a431a64cb6eb05addc8d0373ebf7f4e5bc683e7 (patch) | |
| tree | fd438bf28b5a559427220b4f980681c0c298edd7 | |
| parent | 1fee9678c68238f6e77d44020f8ee38c711d89bb (diff) | |
Validate that the padding length is greater than the minimum.
| -rw-r--r-- | handshake_ntor.go | 9 | 
1 files changed, 6 insertions, 3 deletions
diff --git a/handshake_ntor.go b/handshake_ntor.go
index 38d8728..80a9698 100644
--- a/handshake_ntor.go
+++ b/handshake_ntor.go
@@ -169,8 +169,8 @@ func (hs *clientHandshake) parseServerHandshake(resp []byte) (int, []byte, error
 	}
 	// Attempt to find the mark + MAC.
-	pos := findMark(hs.serverMark, resp,
-		ntor.RepresentativeLength+ntor.AuthLength, serverMaxHandshakeLength)
+	pos := findMark(hs.serverMark, resp, ntor.RepresentativeLength+ntor.AuthLength+serverMinPadLength,
+		serverMaxHandshakeLength)
 	if pos == -1 {
 		if len(resp) >= serverMaxHandshakeLength {
 			return 0, nil, ErrInvalidHandshake
@@ -243,7 +243,7 @@ func (hs *serverHandshake) parseClientHandshake(resp []byte) ([]byte, error) {
 	}
 	// Attempt to find the mark + MAC.
-	pos := findMark(hs.clientMark, resp, ntor.RepresentativeLength,
+	pos := findMark(hs.clientMark, resp, ntor.RepresentativeLength+clientMinPadLength,
 		serverMaxHandshakeLength)
 	if pos == -1 {
 		if len(resp) >= clientMaxHandshakeLength {
@@ -352,6 +352,9 @@ func findMark(mark, buf []byte, startPos, maxPos int) int {
 	if endPos > maxPos {
 		endPos = maxPos
 	}
+	if startPos > len(buf) {
+		return -1
+	}
 	// XXX: bytes.Index() uses a naive search, which kind of sucks.
 	pos := bytes.Index(buf[startPos:endPos], mark)
|
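Review bot: In the second hunk the unchanged continuation line `serverMaxHandshakeLength)` still bounds the server-side search for the client mark by serverMaxHandshakeLength, while the check two lines below gives up on `len(resp) >= clientMaxHandshakeLength`; if those two constants differ, the search window and the rejection threshold disagree for the same message. Since the commit already re-wraps this call to add clientMinPadLength, changing the continuation line to `clientMaxHandshakeLength)` would make the two limits agree, assuming the client-side bound is the intended one, which the hunk does not show. parseClientHandshake starts and ends outside the hunk.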
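Review bot: In the third hunk the new guard compares startPos against len(buf), but the slice on the last line is `buf[startPos:endPos]` and endPos has already been clamped to maxPos on the lines just above, so a startPos that exceeds endPos while still being at most len(buf) still reaches the slice expression and panics. Checking against the bound that is actually used, `if startPos >= endPos { return -1 }`, covers that case as well as the short-buffer case this commit targets, assuming endPos is initialised from len(buf) above the hunk, which is not visible here. With both callers in the first two hunks now passing a larger startPos, a one-line comment above the guard such as `// startPos must stay below the clamped endPos or the slice below panics.` would make the invariant explicit. The initialisation of endPos and the remainder of findMark lie outside the hunk.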
