[tor-bugs] #4745 [Tor Relay]: Possible flaws in sockaddr validation in connection_handle_listener_read()
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Dec 19 16:52:51 UTC 2011
#4745: Possible flaws in sockaddr validation in connection_handle_listener_read()
-----------------------+----------------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.2.x-final
Component: Tor Relay | Version:
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Changes (by nickm):
* milestone: => Tor: 0.2.2.x-final
Comment:
It looks like an extra "tor_close_socket(); return 0;" is in order here.
(This isn't actually likely to come up, since getsockname() seems to be
only allowed to fail for reasons that can't actually happen with this
code.... but then again, if everything that seems impossible never
happened, we would have far fewer bugs.)
Oh! Also, this shouldn't be getsockname! It should be getpeername...
which makes me think that whatever was making check_sockaddr trigger for
arma back in 2005 is no longer happening. Opening a new bug for that one.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4745#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list