[tor-bugs] #23082 [Core Tor/Tor]: tor_addr_parse is overly permissive
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Sep 13 20:55:52 UTC 2017
#23082: tor_addr_parse is overly permissive
--------------------------+------------------------------------
Reporter: dcf | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.2.x-final
Component: Core Tor/Tor | Version: Tor: 0.3.1.5-alpha
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------------
Description changed by dcf:
Old description:
> tor_addr_parse allows these surprising address formats:
> * `[192.0.2.1]` (IPv4 in square brackets) → 192.0.2.1
> * `[11.22.33.44` (IPv4 with left square bracket only) → 11.22.33.4
> * `[11:22::33:44` (IPv6 with left square bracket only) → 11:22::33:44
> * `11:22::33:44:` (IPv6 with trailing colon) → 11:22::33:44
New description:
tor_addr_parse allows these surprising address formats:
* `[192.0.2.1]` (IPv4 in square brackets) → 192.0.2.1
* `[11.22.33.44` (IPv4 with left square bracket only) → 11.22.33.4
* `[11:22::33:44` (IPv6 with left square bracket only) → 11:22::33:4
* `11:22::33:44:` (IPv6 with trailing colon) → 11:22::33:44
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23082#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list