[tor-bugs] #2683 [Tor Directory Authority]: authority received unparseable routerstatus entry
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Mar 15 18:11:41 UTC 2011
#2683: authority received unparseable routerstatus entry
-------------------------------------+--------------------------------------
Reporter: arma | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone:
Component: Tor Directory Authority | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------------------+--------------------------------------
Changes (by rransom):
* priority: critical => normal
Comment:
Replying to [comment:5 rransom]:
> Replying to [comment:4 arma]:
> > Are we really calling strlen on an arbitrary vote blob we got from the
network?
>
> Yes, even though that's the wrong way to determine the length of that
particular blob. And worse, we're calling `strlen` on a blob some fuzzer
handed us ''after we parse it''.
`strlen` is the least scary operation we perform on that blob. (Yes, I
know it could contain embedded NULs.)
Decreasing priority back to ‘normal’ as well, because this is hardly the
scariest parser that an attacker can feed nastygrams to.
We should consider the following possible improvements, though:
* Demote the warning messages to ‘protocol warnings’, so that the guy with
the fuzzer can't spam the DAs' logs with as many junk warnings.
* Save ''all'' blobs received from the network to disk before trying to
parse them, mainly so that if someone does crash an authority, we ''know''
we have a copy of the malicious input (and we don't have to dig it out of
a core dump).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2683#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list