[tor-bugs] #13315 [Tor]: Our SOCKS hostname validation is overly lax.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Nov 3 17:50:27 UTC 2014
#13315: Our SOCKS hostname validation is overly lax.
-------------------------+-------------------------------------
Reporter: yawning | Owner: rl1987
Type: defect | Status: needs_review
Priority: normal | Milestone:
Component: Tor | Version: Tor: unspecified
Resolution: | Keywords: tor-client, easy, socks
Actual Points: | Parent ID:
Points: |
-------------------------+-------------------------------------
Comment (by nickm):
Bugs and questions:
* There's a memory leak in string_is_valid_hostname(): the individual
values in 'components' never get freed.
* The comment on string_is_valid_hostname() is incorrect: it doesn't
actually check for all violations of RFC1035 section 2.3.1. For example,
it doesn't check for hostnames that end with -, or hostnames that start
with a digit. (I'm not saying it _should_: rejecting hostnames starting
with digits would reject some onion addresses. But either way, the
current comment doesn't match the current code.)
Other than that, it looks okay to me.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13315#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list