[tor-bugs] #13315 [Tor]: Our SOCKS hostname validation is overly lax.

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Oct 21 17:20:33 UTC 2014


#13315: Our SOCKS hostname validation is overly lax.
-------------------------+-------------------------------------
     Reporter:  yawning  |      Owner:  rl1987
         Type:  defect   |     Status:  needs_revision
     Priority:  normal   |  Milestone:
    Component:  Tor      |    Version:  Tor: unspecified
   Resolution:           |   Keywords:  tor-client, easy, socks
Actual Points:           |  Parent ID:
       Points:           |
-------------------------+-------------------------------------
Changes (by yawning):

 * status:  needs_review => needs_revision


Comment:

 Minor nitpicks:
  * Instead of `inet_pton()`, use `tor_inet_pton()`.  IIRC the only
 platform that requires this isn't supported anymore (WinXP), but no reason
 to make portability worse when the routine already exists.
  * Do we want to separate IPv4 vs IPv6 string validation?
 `string_is_ip_address(int family, const char* addr);` would be how I would
 have done it, but that's just me.
  * Per nickm: "my only question is whether we really want to do the "IP
 address in place of a hostname means a dns leak" thing.".  I will defer to
 his judgement here, changing it is easy in any case.
  * If we do end up rejecting such cases depending on `safe_socks`, use the
 spiffy new error routine you wrote and
 `socks_request_set_socks5_error(req, SOCKS5_NOT_ALLOWED);`.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13315#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
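
An added example (not part of the original message and not Tor source code) of the family-specific check with the signature suggested in the comment, applied to a SOCKS5 domain-name field. Assumptions: plain POSIX `inet_pton()` stands in for `tor_inet_pton()` so the block builds outside the Tor tree, and `classify_socks_name()` and its enum are hypothetical names; what to do with an IP literal is left to the caller, as the ticket leaves that open.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Signature as suggested in the review comment. Returns 1 if addr is a
 * textual address of exactly the requested family, 0 otherwise. */
int string_is_ip_address(int family, const char *addr)
{
    unsigned char buf[sizeof(struct in6_addr)]; /* large enough for both */
    if (addr == NULL || (family != AF_INET && family != AF_INET6))
        return 0;
    /* Assumption: inside Tor this call would be tor_inet_pton(). */
    return inet_pton(family, addr, buf) == 1;
}

/* Hypothetical names, for illustration only. */
enum socks_name_kind {
    NAME_HOSTNAME, NAME_IPV4_LITERAL, NAME_IPV6_LITERAL, NAME_INVALID
};

/* Classify a SOCKS5 domain-name field (ATYP 0x03). The field is
 * length-prefixed on the wire and is not NUL-terminated. */
enum socks_name_kind classify_socks_name(const unsigned char *field, size_t len)
{
    char name[256];
    /* An embedded NUL would make the C string shorter than the field. */
    if (len == 0 || len > 255 || memchr(field, '\0', len) != NULL)
        return NAME_INVALID;
    memcpy(name, field, len);
    name[len] = '\0';
    if (string_is_ip_address(AF_INET, name))
        return NAME_IPV4_LITERAL;
    if (string_is_ip_address(AF_INET6, name))
        return NAME_IPV6_LITERAL;
    return NAME_HOSTNAME; /* further hostname syntax checks would go here */
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *samples[] = { "example.com", "192.0.2.1", "2001:db8::1" };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-12s -> %d\n", samples[i], (int)classify_socks_name(
            (const unsigned char *)samples[i], strlen(samples[i])));
    return 0;
}
```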