[tor-bugs] #18029 [Tor]: ADD_ONION doesn't validate its target
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jan 11 15:37:53 UTC 2016
#18029: ADD_ONION doesn't validate its target
-----------------------------+------------------------------------
Reporter: atagar | Owner:
Type: defect | Status: needs_information
Priority: Low | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version: Tor: 0.2.7.1-alpha
Severity: Minor | Resolution:
Keywords: tor-hs tor-core | Actual Points:
Parent ID: | Points:
Sponsor: |
-----------------------------+------------------------------------
Comment (by atagar):
Nope, no local changes. Did an extra thorough clean with 'git reset -df'
on commit 8fc27ac and same result. The port part is validating, it's just
the address that seems to accept too much (but not everything)...
{{{
>>> GETINFO version
250-version=0.2.8.0-alpha-dev (git-8fc27ac0420c7120)
250 OK
>>> ADD_ONION NEW:BEST Port=4567,not_an_address:invalid
512 Invalid VIRTPORT/TARGET
>>> ADD_ONION NEW:BEST Port=4567,-:4567
512 Invalid VIRTPORT/TARGET
>>> ADD_ONION NEW:BEST Port=4567,aaa:4567
512 Invalid VIRTPORT/TARGET
>>> ADD_ONION NEW:BEST Port=4567,aaaaa:4567
250-ServiceID=btx52wpyix3cmsmi
250-PrivateKey=RSA1024:[crypto blob]
250 OK
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18029#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list