From f73e3ddc7bb778efb1c562633f9779bf027117d4 Mon Sep 17 00:00:00 2001
From: Philipp Gesang
Date: Tue, 30 Oct 2018 01:13:44 +0100
Subject: sid: catch more boundary violations
---
 sid.ml | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)
(limited to 'sid.ml')
diff --git a/sid.ml b/sid.ml
index c6c7d3d..cbfe305 100644
--- a/sid.ml
+++ b/sid.ml
@@ -10,6 +10,7 @@ type sid =
 and sub_auths = U32.t array
 let sizeof_ident_auth = 6
+let max_ident_auth = U64.of_string "0x0000_ffff_ffff_ffff"
 let sizeof_sub_auth = 4
 let max_subauth_count = 15
@@ -93,10 +94,24 @@ module StringFmt = struct
 expect_char s '-' 3;
 let p = 4 in
 let p, ia = read_decimal_u64 s p in
+ if ia > max_ident_auth then
+ raise (Invalid_argument
+ (Printf.sprintf
+ "Invalid SID: identifier authority cannot fit 6 B (%s)"
+ (U64.to_string max_ident_auth)));
 let sa = ref [] and p' = ref p in
 while !p' < n - 1 && List.length !sa < max_subauth_count do
 expect_char s '-' !p';
- let np, d = read_decimal_u32 s (!p' + 1) in
+ let np, d =
+ try read_decimal_u32 s (!p' + 1)
+ with Invalid_argument e ->
+ (* Brr, but Stdint’s error messages aren’t overly instructive. *)
+ raise (Invalid_argument
+ (Printf.sprintf
+ "Invalid SID: error parsing subauth at position %d, \
+ (err: %s)"
+ (!p' + 1) e))
+ in
 sa := d :: !sa;
 p' := np
 done;
-- cgit v1.2.3
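Review bot: The new `max_ident_auth` bound is only checked after `read_decimal_u64 s p` has returned, so an identifier authority that does not even fit 64 bits presumably still escapes as Stdint's raw `Invalid_argument` rather than the "Invalid SID" message this hunk adds for subauthorities; wrapping that call the same way as `read_decimal_u32` would make the two parse paths fail uniformly on malformed input. The new identifier-authority message also prints the limit rather than the value that was rejected; passing `(U64.to_string ia)` and wording it as `"Invalid SID: identifier authority %s cannot fit 6 B"` tells the caller what was actually parsed. The `(* Brr ... *)` comment would be more useful to the next maintainer if it named the condition being masked, e.g. `(* Stdint raises Invalid_argument on overflow and on non-digit input; re-raise with the offset. *)` — hedged, since the exact triggers of read_decimal_u32 are outside this hunk. The enclosing parser function starts and ends outside the hunk.
```ocaml
let p, ia =
  try read_decimal_u64 s p
  with Invalid_argument e ->
    raise (Invalid_argument
      (Printf.sprintf
        "Invalid SID: error parsing identifier authority at position %d, (err: %s)"
        p e))
in
(* … unchanged: max_ident_auth check and subauthority loop … *)
```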