
Prevent protobuf nil pointer dereference (#600)

* Fix minor typo

* Update verify.go to use getters for accessing protobuf to prevent nil pointer dereference when fields are nil

* Add myself to AUTHORS and CONTRIBUTORS

* Alphabetize CONTRIBUTORS
AMarcedone authored and gdbelvin committed Aug 8, 2017
1 parent 1518a26 commit a829e3c157eb625e950515f6d7b4ddf73aa082d5
Showing with 11 additions and 9 deletions.
  1. +1 −0 AUTHORS
  2. +3 −2 CONTRIBUTORS
  3. +1 −1 core/admin/interface.go
  4. +6 −6 core/client/kt/verify.go
@@ -6,5 +6,6 @@
# Name or Organization <email address>
# The email address is not required for organizations.
Antonio Marcedone <a.marcedone@gmail.com>
Google Inc.
Yahoo! Inc.
@@ -9,6 +9,7 @@
# Names should be added to this file as:
# Name <email address>
Gary Belvin <gdbelvin@gmail.com>
Daniel Ziegler <dmz@yahoo-inc.com>
Antonio Marcedone <a.marcedone@gmail.com>
Cesar Ghali <cghali@uci.edu>
Daniel Ziegler <dmz@yahoo-inc.com>
Gary Belvin <gdbelvin@gmail.com>
@@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
// Package admin supports configuing Key Transparency with multiple Trillian backends.
// Package admin supports configuring Key Transparency with multiple Trillian backends.
package admin
import "github.com/google/trillian/client"
@@ -72,7 +72,7 @@ func (Verifier) VerifyCommitment(userID, appID string, in *tpb.GetEntryResponse)
if err := proto.Unmarshal(in.GetLeafProof().GetLeaf().GetLeafValue(), entry); err != nil {
return err
}
if err := commitments.Verify(userID, appID, entry.Commitment, in.Committed); err != nil {
if err := commitments.Verify(userID, appID, entry.GetCommitment(), in.GetCommitted()); err != nil {
return err
}
}
@@ -94,7 +94,7 @@ func (v *Verifier) VerifyGetEntryResponse(ctx context.Context, userID, appID str
}
Vlog.Printf("✓ Commitment verified.")
index, err := v.vrf.ProofToHash(vrf.UniqueID(userID, appID), in.VrfProof)
index, err := v.vrf.ProofToHash(vrf.UniqueID(userID, appID), in.GetVrfProof())
if err != nil {
Vlog.Printf("✗ VRF verification failed.")
return fmt.Errorf("vrf.ProofToHash(%v, %v): %v", userID, appID, err)
@@ -122,16 +122,16 @@ func (v *Verifier) VerifyGetEntryResponse(ctx context.Context, userID, appID str
// by removing the signature from the object.
smr := *in.GetSmr()
smr.Signature = nil // Remove the signature from the object to be verified.
if err := tcrypto.VerifyObject(v.sig, smr, in.GetSmr().Signature); err != nil {
if err := tcrypto.VerifyObject(v.sig, smr, in.GetSmr().GetSignature()); err != nil {
Vlog.Printf("✗ Signed Map Head signature verification failed.")
return fmt.Errorf("sig.Verify(SMR): %v", err)
}
Vlog.Printf("✓ Signed Map Head signature verified.")
// Verify consistency proof between root and newroot.
// TODO(gdbelvin): Gossip root.
if err := v.log.VerifyRoot(trusted, in.LogRoot, in.LogConsistency); err != nil {
return fmt.Errorf("VerifyRoot(%v, %v): %v", in.LogRoot, in.LogConsistency, err)
if err := v.log.VerifyRoot(trusted, in.GetLogRoot(), in.GetLogConsistency()); err != nil {
return fmt.Errorf("VerifyRoot(%v, %v): %v", in.GetLogRoot(), in.GetLogConsistency(), err)
}
Vlog.Printf("✓ Log root updated.")
@@ -141,7 +141,7 @@ func (v *Verifier) VerifyGetEntryResponse(ctx context.Context, userID, appID str
return fmt.Errorf("json.Marshal(): %v", err)
}
if err := v.log.VerifyInclusionAtIndex(trusted, b, in.GetSmr().GetMapRevision(),
in.LogInclusion); err != nil {
in.GetLogInclusion()); err != nil {
return fmt.Errorf("VerifyInclusionAtIndex(%s, %v, _): %v",
b, in.GetSmr().GetMapRevision(), err)
}
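Review bot: In the `@@ -122,16 +122,16 @@` hunk of core/client/kt/verify.go, the context line `smr := *in.GetSmr()` still dereferences the getter's result, so a response that carries no Smr (or a nil `in`) panics before the signature check even though the neighbouring accesses are now nil-safe. A guard placed before the copy, for example `if in.GetSmr() == nil { return fmt.Errorf("missing SMR in response") }`, would close that path. Separately, the getters turn an absent Committed, VrfProof, LogRoot, LogConsistency or LogInclusion into a zero value that is then handed to the verifier; this appears to rely on each verifier rejecting empty input, which is worth confirming or stating in a comment such as `// nil fields become zero values here; the verifier must reject them`. VerifyGetEntryResponse begins and ends outside these hunks, so an earlier check may already exist that is not visible here.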
