[tor-bugs] #23082 [Core Tor/Tor]: tor_addr_parse is overly permissive
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Aug 2 09:06:25 UTC 2017
#23082: tor_addr_parse is overly permissive
------------------------------+--------------------------------
Reporter: dcf | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version: Tor: 0.3.1.5-alpha
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+--------------------------------
tor_addr_parse allows these surprising address formats:
* `[192.0.2.1]` (IPv4 in square brackets) → 192.0.2.1
* `[11.22.33.44` (IPv4 with left square bracket only) → 11.22.33.4
* `[11:22::33:44` (IPv6 with left square bracket only) → 11:22::33:44
* `11:22::33:44:` (IPv6 with trailing colon) → 11:22::33:44
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23082>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list