[tor-bugs] #2683 [Tor Directory Authority]: authority received unparseable routerstatus entry
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Mar 15 15:59:06 UTC 2011
#2683: authority received unparseable routerstatus entry
-------------------------------------+--------------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: critical | Milestone:
Component: Tor Directory Authority | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------------------+--------------------------------------
Changes (by rransom):
* priority: normal => critical
Comment:
Replying to [comment:4 arma]:
> Are we really calling strlen on an arbitrary vote blob we got from the
network?
Yes, even though that's the wrong way to determine the length of that
particular blob. And worse, we're calling `strlen` on a blob some fuzzer
handed us ''after we parse it''.
Unfortunately, I don't see a nice way to check the signature before we
feed a potential fuzz-bomb through our parser.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2683#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list