[tor-bugs] #4920 [Pluggable transport]: obfsproxy: pending_socks_cb() proceeds even if getpeername() fails.
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Jan 16 16:14:16 UTC 2012
#4920: obfsproxy: pending_socks_cb() proceeds even if getpeername() fails.
---------------------------------+------------------------------------------
Reporter: asn | Owner: asn
Type: defect | Status: new
Priority: normal | Milestone:
Component: Pluggable transport | Version:
Keywords: | Parent:
Points: | Actualpoints:
---------------------------------+------------------------------------------
`network.c:pending_socks_cb()`:
{{{
...
/* Figure out where we actually connected to, and tell the socks
client */
if (getpeername(bufferevent_getfd(bev), sa, &slen) == 0) {
socks_state_set_address(socks, sa);
if (!down->peername)
down->peername = printable_address(sa, slen);
}
socks_send_reply(socks, bufferevent_get_output(up->buffer), 0);
...
}}}
If getpeername() fails, we shouldn't proceed with sending a positive SOCKS
reply.
`socks_send_reply` also messes around with socks_state_t.parsereq which is
not filled if `socks_state_set_address` was not called.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4920>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list