From c42a55d51502819836a0fcde31891217f8173cee Mon Sep 17 00:00:00 2001
From: Emil Engler <me@emilengler.com>
Date: Mon, 24 Oct 2022 14:40:51 +0200
Subject: [PATCH] tor-cell: Consistent and secure conversion to u16

This commit improves the overflow protection of one call to
Vec::write_u16(), by replacing the cast conversion from self.sig.len()
with a call to u16::try_from(), like it is already done in the rest of
the accompanying function.
---
 crates/tor-cell/src/relaycell/onion_service.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crates/tor-cell/src/relaycell/onion_service.rs b/crates/tor-cell/src/relaycell/onion_service.rs
index 962aced71..3d0477917 100644
--- a/crates/tor-cell/src/relaycell/onion_service.rs
+++ b/crates/tor-cell/src/relaycell/onion_service.rs
@@ -194,7 +194,7 @@ impl msg::Body for EstablishIntro {
         }
 
         w.write_all(&self.handshake_auth[..]);
-        w.write_u16(self.sig.len() as u16);
+        w.write_u16(u16::try_from(self.sig.len()).map_err(|_| EncodeError::BadLengthValue)?);
         w.write_all(&self.sig[..]);
         Ok(())
     }