[tor-bugs] #22469 [Core Tor/Tor]: tor should better validate invalid ipv6 address:port definitions

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jun 2 19:17:39 UTC 2017


#22469: tor should better validate invalid ipv6 address:port definitions
--------------------------+------------------------------------
 Reporter:  toralf        |          Owner:
     Type:  defect        |         Status:  new
 Priority:  Medium        |      Milestone:  Tor: unspecified
Component:  Core Tor/Tor  |        Version:  Tor: 0.3.1.2-alpha
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------

Comment (by catalyst):

 `tor.1.txt` documents the port number as optional for ExitPolicy, so if
 it's a tor bug, it's a documented one.  It doesn't explicitly say whether
 the `0x` prefix is allowed for specifying hexadecimal port numbers.  A
 comment in `exit_policy.py` says that the `exitpattern` spec in `dir-
 spec.txt` is stricter than what torrc allows.  Is the problem that tor is
 propagating some `exitpattern`s to descriptors or to the control protocol
 without normalizing them to the stricter `dir-spec.txt` grammar?

 (Also toralf not teor is the reporter of this ticket.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22469#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list