From 4d96d6a75312b859f3274ac9467ffd3bff7acbc0 Mon Sep 17 00:00:00 2001
From: jfreegman <jfreegman@gmail.com>
Date: Tue, 27 Oct 2020 12:34:12 -0400
Subject: [PATCH] Fix regression related to https lookups

Reducing the buffer size of HTTPS responses broke DHT nodelist fetching. This change
puts the old buffer size back and converts all stack allocations of the read buffer
to heap allocations.
---
 src/bootstrap.c   | 19 ++++++++++++++-----
 src/curl_util.h   |  2 +-
 src/name_lookup.c | 12 ++++++++----
 3 files changed, 23 insertions(+), 10 deletions(-)

diff --git a/src/bootstrap.c b/src/bootstrap.c
index 211c120..fd8565c 100644
--- a/src/bootstrap.c
+++ b/src/bootstrap.c
@@ -241,6 +241,7 @@ on_exit:
  * Return -2 if http lookup failed.
  * Return -3 if http reponse was empty.
  * Return -4 if data could not be written to disk.
+ * Return -5 if memory allocation fails.
  */
 static int update_DHT_nodeslist(const char *nodes_path)
 {
@@ -254,26 +255,34 @@ static int update_DHT_nodeslist(const char *nodes_path)
         return -1;
     }
 
-    struct Recv_Curl_Data recv_data;
+    struct Recv_Curl_Data *recv_data = calloc(1, sizeof(struct Recv_Curl_Data));
 
-    memset(&recv_data, 0, sizeof(struct Recv_Curl_Data));
+    if (recv_data == NULL) {
+        fclose(fp);
+        return -5;
+    }
 
-    if (curl_fetch_nodes_JSON(&recv_data) == -1) {
+    if (curl_fetch_nodes_JSON(recv_data) == -1) {
+        free(recv_data);
         fclose(fp);
         return -2;
     }
 
-    if (recv_data.length == 0) {
+    if (recv_data->length == 0) {
+        free(recv_data);
         fclose(fp);
         return -3;
     }
 
-    if (fwrite(recv_data.data, recv_data.length, 1, fp) != 1) {
+    if (fwrite(recv_data->data, recv_data->length, 1, fp) != 1) {
+        free(recv_data);
         fclose(fp);
         return -4;
     }
 
+    free(recv_data);
     fclose(fp);
+
     return 1;
 }
 
diff --git a/src/curl_util.h b/src/curl_util.h
index 716d3a4..2590308 100644
--- a/src/curl_util.h
+++ b/src/curl_util.h
@@ -27,7 +27,7 @@
 #define TLS_CIPHER_SUITE_LIST "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK"
 
 /* Max size of an http response that we can store in Recv_Data */
-#define MAX_RECV_CURL_DATA_SIZE 1024
+#define MAX_RECV_CURL_DATA_SIZE 32767
 
 /* Holds data received from curl lookup */
 struct Recv_Curl_Data {
diff --git a/src/name_lookup.c b/src/name_lookup.c
index b52f98a..2dad86f 100644
--- a/src/name_lookup.c
+++ b/src/name_lookup.c
@@ -265,9 +265,12 @@ void *lookup_thread_func(void *data)
         kill_lookup_thread();
     }
 
-    struct Recv_Curl_Data recv_data;
+    struct Recv_Curl_Data *recv_data = calloc(1, sizeof(struct Recv_Curl_Data));
 
-    memset(&recv_data, 0, sizeof(struct Recv_Curl_Data));
+    if (recv_data == NULL) {
+        lookup_error(self, "memory allocation error");
+        kill_lookup_thread();
+    }
 
     char post_data[MAX_STR_SIZE + 30];
 
@@ -285,7 +288,7 @@ void *lookup_thread_func(void *data)
 
     curl_easy_setopt(c_handle, CURLOPT_WRITEFUNCTION, curl_cb_write_data);
 
-    curl_easy_setopt(c_handle, CURLOPT_WRITEDATA, &recv_data);
+    curl_easy_setopt(c_handle, CURLOPT_WRITEDATA, recv_data);
 
     curl_easy_setopt(c_handle, CURLOPT_USERAGENT, "libcurl-agent/1.0");
 
@@ -334,7 +337,7 @@ void *lookup_thread_func(void *data)
         }
     }
 
-    if (process_response(&recv_data) == -1) {
+    if (process_response(recv_data) == -1) {
         lookup_error(self, "Bad response.");
         goto on_exit;
     }
@@ -344,6 +347,7 @@ void *lookup_thread_func(void *data)
     pthread_mutex_unlock(&Winthread.lock);
 
 on_exit:
+    free(recv_data);
     curl_slist_free_all(headers);
     curl_easy_cleanup(c_handle);
     kill_lookup_thread();