fixing common off-by-one error with respect to maximum message size

[oweals/gnunet.git] / src / fs / fs_search.c

diff --git a/src/fs/fs_search.c b/src/fs/fs_search.c
index 21fd7e8f1b797de51d41cbac875e5422072f9d6f..da61cea57e65c16e4d9d27cecb011bac706cdba4 100644 (file)
--- a/src/fs/fs_search.c
+++ b/src/fs/fs_search.c
@@ -574,11 +574,15 @@ process_kblock (struct GNUNET_FS_SearchContext *sc,
     }
   /* decrypt */
   GNUNET_CRYPTO_hash_to_aes_key (&sc->requests[i].key, &skey, &iv);
-  GNUNET_CRYPTO_aes_decrypt (&kb[1],
-                            size - sizeof (struct KBlock),
-                            &skey,
-                            &iv,
-                            pt);
+  if (-1 == GNUNET_CRYPTO_aes_decrypt (&kb[1],
+                                      size - sizeof (struct KBlock),
+                                      &skey,
+                                      &iv,
+                                      pt))
+    {
+      GNUNET_break (0);
+      return;
+    }
   /* parse */
   eos = memchr (pt, 0, sizeof (pt));
   if (NULL == eos)
@@ -654,11 +658,15 @@ process_nblock (struct GNUNET_FS_SearchContext *sc,
     }
   /* decrypt */
   GNUNET_CRYPTO_hash_to_aes_key (&sc->requests[i].key, &skey, &iv);
-  GNUNET_CRYPTO_aes_decrypt (&nb[1],
-                            size - sizeof (struct NBlock),
-                            &skey,
-                            &iv,
-                            pt);
+  if (-1 == GNUNET_CRYPTO_aes_decrypt (&nb[1],
+                                      size - sizeof (struct NBlock),
+                                      &skey,
+                                      &iv,
+                                      pt))
+    {
+      GNUNET_break (0);
+      return;
+    }
   /* parse */
   eos = memchr (pt, 0, sizeof (pt));
   if (NULL == eos)
@@ -736,11 +744,15 @@ process_sblock (struct GNUNET_FS_SearchContext *sc,
                      strlen (identifier), 
                      &key);
   GNUNET_CRYPTO_hash_to_aes_key (&key, &skey, &iv);
-  GNUNET_CRYPTO_aes_decrypt (&sb[1],
-                            len,
-                            &skey,
-                            &iv,
-                            pt);
+  if (-1 == GNUNET_CRYPTO_aes_decrypt (&sb[1],
+                                      len,
+                                      &skey,
+                                      &iv,
+                                      pt))
+    {
+      GNUNET_break (0);
+      return;
+    }
   /* parse */
   off = GNUNET_STRINGS_buffer_tokenize (pt,
                                        len,