[tor-bugs] #14129 [Tor]: Assertion failure in dns.c, possibly connected to UDP DoS attack

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Jan 8 08:19:41 UTC 2015


#14129: Assertion failure in dns.c, possibly connected to UDP DoS attack
------------------------+----------------------------------------------
     Reporter:  jowr    |      Owner:
         Type:  defect  |     Status:  needs_review
     Priority:  major   |  Milestone:  Tor: 0.2.6.x-final
    Component:  Tor     |    Version:  Tor: 0.2.6.1-alpha
   Resolution:          |   Keywords:  crash dos tor-relay 025-backport
Actual Points:          |  Parent ID:
       Points:          |
------------------------+----------------------------------------------

Comment (by cypherpunks):

 Replying to [comment:5 nickm]:
 > It doesn't fix the underlying issue

 The underlying issue is probably about `purge_expired_resolves` and
 already marked for close pending connection. If so then next patch could
 help:
 {{{
 --- src/or/dns.c.original       2014-10-10 06:06:24.000000000 -0700
 +++ src/or/dns.c        2015-01-08 00:17:02.289666401 -0800
 @@ -558,6 +558,8 @@
          /* Connections should only be pending if they have no socket. */
          tor_assert(!SOCKET_OK(pend->conn->base_.s));
          pendconn = pend->conn;
 +        /* prevent double-remove. */
 +        pendconn->base_.state = EXIT_CONN_STATE_RESOLVEFAILED;
          if (!pendconn->base_.marked_for_close) {
            connection_edge_end(pendconn, END_STREAM_REASON_TIMEOUT);
            circuit_detach_stream(circuit_get_by_edge_conn(pendconn),
 pendconn);
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14129#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list