<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
--></style>
</head>
<body class='hmmessage'>
> Date: Sun, 31 Jan 2010 20:58:46 -0600<br>> From: bennett@cs.niu.edu<br>> To: or-talk@seul.org<br>> Subject: client bug in 0.2.2.7-alpha and a new bad exit: exoassist<br><br>> So it appears that a) there is a new tor client bug in 0.2.2.7-alpha that <br>> leaves the "exoassist.exit" in the name passed along from its SOCKS listener<br>> to the destination port <br><br>I understand better now. Here's the problem, also in 0.2.2.8-alpha:<br> 2926 parse_extended_hostname(char *address, int allowdotexit)<br> 2927 {<br> 2928 char *s;<br> 2929 char query[REND_SERVICE_ID_LEN_BASE32+1];<br> 2930<br> 2931 s = strrchr(address,'.');<br> 2932 if (!s)<br> 2933 return NORMAL_HOSTNAME; /* no dot, thus normal */<br> 2934 if (!strcmp(s+1,"exit")) {<br> 2935 if (allowdotexit) {<br> 2936 *s = 0; /* NUL-terminate it */<br> 2937 return EXIT_HOSTNAME; /* .exit */<br> 2938 } /* else */<br> 2939 log_warn(LD_APP, "The \".exit\" notation is disabled in Tor due to "<br> 2940 "security risks. Set AllowDotExit in your torrc to enable it.");<br> 2941 /* FFFF send a controller event too to notify Vidalia users */<br> 2942 }<br> 2943 if (strcmp(s+1,"onion"))<br> 2944 'return NORMAL_HOSTNAME; /* neither .exit nor .onion, thus normal */<br><br>There's no 'return BAD_HOSTNAME' after the 'log_warn', so it's falling through to 'return NORMAL_HOSTNAME' and also not null-teminating the string.<br>GD<br>                                            <br /><hr />Your E-mail and More On-the-Go. Get Windows Live Hotmail Free. <a href='http://clk.atdmt.com/GBL/go/201469229/direct/01/' target='_new'>Sign up now.</a></body>
</html>