ARCHIVE/rippled
1
0
Fork 0
mirror of https://github.com/XRPLF/rippled.git synced 2025-12-06 17:27:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Address issues identified by external review:

Browse Source 
* RIPD-1617, RIPD-1619, RIPD-1621:
  Verify serialized public keys more strictly before
  using them.

* RIPD-1618:
    * Simplify the base58 decoder logic.
    * Reduce the complexity of the base58 encoder and
      eliminate a potential out-of-bounds memory access.
    * Improve type safety by using an `enum class` to
      enforce strict type checking for token types.

* RIPD-1616:
  Avoid calling `memcpy` with a null pointer even if the
  size is specified as zero, since it results in undefined
  behavior.

Acknowledgements:
Ripple thanks Guido Vranken for responsibly disclosing these
issues.

Bug Bounties and Responsible Disclosures:
We welcome reviews of the rippled code and urge researchers
to responsibly disclose any issues that they may find. For
more on Ripple's Bug Bounty program, please visit:
https://ripple.com/bug-bounty
This commit is contained in:
Nikolaos D. Bougalis
2018-03-15 20:58:05 -07:00
parent 25de6b0a5f
commit d5f981f5fc
47 changed files with 393 additions and 264 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/ripple/overlay/impl/PeerImp.cpp
View File

@@ -256,7 +256,7 @@ PeerImp::json()
Json::Value ret (Json::objectValue);
ret[jss::public_key] = toBase58 (
TokenType::TOKEN_NODE_PUBLIC, publicKey_);
TokenType::NodePublic, publicKey_);
ret[jss::address] = remote_address_.to_string();
if (m_inbound)
@@ -629,7 +629,7 @@ void PeerImp::doAccept()
JLOG(journal_.info()) << "Protocol: " << to_string(protocol);
JLOG(journal_.info()) <<
"Public Key: " << toBase58 (
TokenType::TOKEN_NODE_PUBLIC,
TokenType::NodePublic,
publicKey_);
if (auto member = app_.cluster().member(publicKey_))
{
@@ -932,7 +932,7 @@ PeerImp::onMessage (std::shared_ptr <protocol::TMCluster> const& m)
name = node.nodename();
auto const publicKey = parseBase58<PublicKey>(
TokenType::TOKEN_NODE_PUBLIC, node.publickey());
TokenType::NodePublic, node.publickey());
// NIKB NOTE We should drop the peer immediately if
// they send us a public key we can't parse
@@ -1610,8 +1610,7 @@ PeerImp::onMessage (std::shared_ptr <protocol::TMValidation> const& m)
STValidation::pointer val;
{
SerialIter sit (makeSlice(m->validation()));
val = std::make_shared <
STValidation> (std::ref (sit), false);
val = std::make_shared <STValidation> (std::ref (sit), false);
val->setSeen (closeTime);
}