[tor-bugs] #21509 [Core Tor/Tor]: Fuzz v3 hidden services
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue May 23 01:01:15 UTC 2017
#21509: Fuzz v3 hidden services
-----------------------------------+------------------------------------
Reporter: teor | Owner: dgoulet
Type: task | Status: accepted
Priority: Very High | Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: fuzz, prop224, tor-hs | Actual Points:
Parent ID: | Points: 2
Reviewer: | Sponsor: SponsorR-can
-----------------------------------+------------------------------------
Description changed by teor:
Old description:
> If we want the fuzzer to effectively fuzz v3 hidden services, we need to:
> * fuzz GET requests: #21476
> * fuzz POST requests: #21478
> * add v3 GET and POST requests to the fuzzing corpus
> * disable the encrypted connection check when fuzzing (we should do this
> for v2 services as well)
> * create a v3 descriptor fuzzer
> * add v3 descriptor examples to the fuzzing corpus
New description:
If we want the fuzzer to effectively fuzz v3 hidden services, we need to:
* fuzz GET requests: #21476
* fuzz POST requests: #21478
* add v3 GET and POST requests to the fuzzing corpus
* add tokens from v3 GET and POST requests as new fuzzing token lists
* disable the encrypted connection check when fuzzing (we should do this
for v2 services as well)
* create a v3 descriptor fuzzer
* add v3 descriptor examples to the fuzzing corpus
* add tokens from v3 descriptors as a new fuzzing token list
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21509#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list