Prevent a few potential panics

2024-09-19 16:08:30 +00:00 · 2021-12-29 23:15:08 +01:00 · 2021-12-29 23:15:08 +01:00 · 9b6e02fa0d
parent e51f475a00
commit 9b6e02fa0d
4 changed files with 15 additions and 3 deletions
--- a/audio/src/fetch/receive.rs
+++ b/audio/src/fetch/receive.rs
@ -418,7 +418,7 @@ pub(super) async fn audio_file_fetch(
                        None => break,
                    }
                }
-                data = file_data_rx.recv() => {
+            data = file_data_rx.recv() => {
                match data {
                    Some(data) => {
                        if fetch.handle_file_data(data)? == ControlFlow::Break {
--- a/core/src/authentication.rs
+++ b/core/src/authentication.rs
@ -15,6 +15,8 @@ use crate::{protocol::authentication::AuthenticationType, Error};
 pub enum AuthenticationError {
    #[error("unknown authentication type {0}")]
    AuthType(u32),
+    #[error("invalid key")]
+    Key,
 }

 impl From<AuthenticationError> for Error {
@ -90,6 +92,10 @@ impl Credentials {

        let key = {
            let mut key = [0u8; 24];
+            if key.len() < 20 {
+                return Err(AuthenticationError::Key.into());
+            }
+
            pbkdf2::<Hmac<Sha1>>(&secret, username.as_bytes(), 0x100, &mut key[0..20]);

            let hash = &Sha1::digest(&key[..20]);
--- a/core/src/dealer/mod.rs
+++ b/core/src/dealer/mod.rs
@ -448,6 +448,7 @@ async fn connect(
                    e = keep_flushing(&mut ws_tx) => {
                        break Err(e)
                    }
+                    else => (),
                }
            };

--- a/discovery/src/server.rs
+++ b/discovery/src/server.rs
@ -107,9 +107,14 @@ impl RequestHandler {
        let client_key = base64::decode(client_key.as_bytes())?;
        let shared_key = self.keys.shared_secret(&client_key);

+        let encrypted_blob_len = encrypted_blob.len();
+        if encrypted_blob_len < 16 {
+            return Err(DiscoveryError::HmacError(encrypted_blob.to_vec()).into());
+        }
+
        let iv = &encrypted_blob[0..16];
-        let encrypted = &encrypted_blob[16..encrypted_blob.len() - 20];
-        let cksum = &encrypted_blob[encrypted_blob.len() - 20..encrypted_blob.len()];
+        let encrypted = &encrypted_blob[16..encrypted_blob_len - 20];
+        let cksum = &encrypted_blob[encrypted_blob_len - 20..encrypted_blob_len];

        let base_key = Sha1::digest(&shared_key);
        let base_key = &base_key[..16];