[tor-bugs] #16891 [Tor]: logging malformed hostnames in socks5 requests does not respect SafeLogging configuration
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Aug 25 11:23:20 UTC 2015
#16891: logging malformed hostnames in socks5 requests does not respect SafeLogging
configuration
----------------------------+-------------------------------
Reporter: andreasstieger | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor | Version: Tor: 0.2.6.10
Keywords: | Actual Points:
Parent ID: | Points:
----------------------------+-------------------------------
When a socks5 client application sends a request with a malformed
hostname, the following is logged:
''Your application (using socks5 to port 42) gave Tor a malformed
hostname: ['''host.example.com''']. Rejecting the connection.''
It should say `[scrubbed]` as `SafeLogging` was not set to `0`.
Bug is in `src/or/buffers.c` :: `parse_socks()`, where it uses `escaped()`
on the request address rather than `escaped_safe_str_client()`.
Patch attached.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16891>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list