[tor-bugs] #17852 [Tor]: Tor Daemon hardening

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Dec 15 16:51:24 UTC 2015


#17852: Tor Daemon hardening
----------------------+------------------------------------
 Reporter:  jsturgix  |          Owner:
     Type:  defect    |         Status:  needs_revision
 Priority:  Medium    |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor       |        Version:  Tor: 0.2.7
 Severity:  Normal    |     Resolution:
 Keywords:            |  Actual Points:
Parent ID:            |         Points:
  Sponsor:            |
----------------------+------------------------------------
Changes (by nickm):

 * status:  needs_review => needs_revision


Comment:

 86a5305d46175c5d0c67564d3ee4e86a27f0c460:
   * strlcat only works here if UNICODE is not defined.  Otherwise this
 breaks UNICODE builds, I think.

 191b8d8b7885609006062da7d7ef8bef7a4161a8:
   * realpath replaces .. and . and resolves symlinks.  Will this new
 behavior hurt anything?
   * The return value from realpath() is allocated with malloc().  This
 means that if tor_malloc is *not* just based on malloc, we will later fail
 when we tor_free on the pointer.
   * ... ah, never mind, you reverted it. :)

 28241bd4b47bdf4616a237f1bf28c9d65c9373af:
   * This seems to break the semantics for CPD_CHECK; see the documentation
 at the head of the function.

 Otherwise this stuff looks fine!

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17852#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
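
The allocator-mismatch point raised about realpath() in the comment above, as an added example that is not part of the ticket or of Tor's code. `pool_alloc`, `pool_free` and `pool_realpath` are hypothetical names: a stand-in allocator that is not plain malloc(), and a wrapper that copies realpath()'s result into that allocator and releases the original with free().

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* for realpath() under strict -std modes */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for an allocator that is not plain malloc():
 * it tracks the pointers it handed out and refuses to free any other. */
#define POOL_SLOTS 16
static void *pool_live[POOL_SLOTS];

static void *pool_alloc(size_t n) {
  for (int i = 0; i < POOL_SLOTS; i++)
    if (!pool_live[i])
      return pool_live[i] = malloc(n);
  return NULL;
}

/* Returns 0 on success, -1 if ptr did not come from pool_alloc(). */
static int pool_free(void *ptr) {
  for (int i = 0; i < POOL_SLOTS; i++)
    if (ptr && pool_live[i] == ptr) {
      free(ptr);
      pool_live[i] = NULL;
      return 0;
    }
  return -1;
}

/* Resolve path, then move the result into the pool so the caller can use
 * pool_free(). The buffer realpath() returned goes back through free(). */
static char *pool_realpath(const char *path) {
  char *resolved = realpath(path, NULL);  /* malloc()-allocated, or NULL */
  if (!resolved)
    return NULL;
  size_t len = strlen(resolved) + 1;
  char *copy = pool_alloc(len);
  if (copy)
    memcpy(copy, resolved, len);
  free(resolved);
  return copy;
}

int main(void) {
  char *p = pool_realpath("/../.");  /* constructed input; resolves to "/" */
  printf("%s\n", p ? p : "(error)");
  return p ? pool_free(p) : 1;
}
```
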

