[tor-bugs] #23512 [Core Tor/Tor]: Bandwidth stats info leak upon close of circuits with queued cells
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Oct 26 13:38:39 UTC 2018
#23512: Bandwidth stats info leak upon close of circuits with queued cells
-------------------------------------------------+-------------------------
Reporter: asn | Owner: (none)
Type: defect | Status:
| merge_ready
Priority: Medium | Milestone: Tor:
| 0.3.4.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-bug-bounty, congestion-attack, | Actual Points:
research, watermark, tor-stats, guard- |
discovery-stats, 034-triage-20180328, |
034-removed-20180328 |
Parent ID: | Points:
Reviewer: dgoulet | Sponsor:
| SponsorQ
-------------------------------------------------+-------------------------
Comment (by Jaym):
Hello,
I've tested 0.3.5.3-alpha tagged commit and obtained the attached result
(23512_test.png)
It seems it writes a little bit more than read.
Here is also the state file of the onion service:
{{{
# Tor state file last generated on 2018-10-26 14:53:22 local time
# Other times below are in UTC
# You *do not* need to edit this file.
Guard in=default rsa_id=2B3219A5C66CC7ECCFA55804C465B7CCBEAF027C
nickname=test036r sampled_on=2018-10-18!T04:20:23 sampled_by=0.3.5.3-alpha
unlisted_since=2018-10-23!T18:34:51 listed=0
Guard in=default rsa_id=BA6632FA2F2A213FCB6E087C0F22052A0B62812B
nickname=test020r sampled_on=2018-10-16!T05:28:18 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=730DBE47049E36CFCF683F1309D5B0A925D8DECF
nickname=test017r sampled_on=2018-10-23!T03:39:25 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=31A83FFA0F6B0BB742EF2C4122EF9F20140281D7
nickname=test001a sampled_on=2018-10-16!T10:39:44 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=DBF56FB1117C471BF0190A7374A6CB2291182EA2
nickname=test004a sampled_on=2018-10-18!T23:54:35 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=E1727EB54ABCEA12AE92F5BCC48189A9C1097EE5
nickname=test030r sampled_on=2018-10-17!T04:19:16 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=457AE0016470CC5D419BC24DB0ECA976F72D840D
nickname=test022r sampled_on=2018-10-21!T23:09:21 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=715E1FD56CAD6F679685DAEB2D28A3FBCF707F59
nickname=test009r sampled_on=2018-10-23!T17:40:06 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=FD18458EA5620B3B20A347DB03B01F26BF01C10F
nickname=test006r sampled_on=2018-10-18!T15:28:12 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=12FF90989AB07018CB36B76CED915FEDF09BCE66
nickname=test029r sampled_on=2018-10-18!T14:07:29 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=D770B6F40A11658BDCD89C94C75AD92A2A80292E
nickname=test025r sampled_on=2018-10-15!T19:02:38 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=C5F1BEDA4B33823E1679EDE5D54C9458096D5DA3
nickname=test011r sampled_on=2018-10-17!T07:58:18 sampled_by=0.3.5.3-alpha
listed=1 confirmed_on=2018-10-20!T14:39:33 confirmed_idx=1
pb_use_attempts=6.000000 pb_use_successes=6.000000
pb_circ_attempts=19.000000 pb_circ_successes=19.000000
pb_successful_circuits_closed=19.000000
Guard in=default rsa_id=C83F9431C4BC3148E3CAC94C4E47A1096A0F0932
nickname=test034r sampled_on=2018-10-26!T06:24:44 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=093FD73B2F6AD9CB265D45C23BB603A8D9F0ED8F
nickname=test000a sampled_on=2018-10-22!T01:08:39 sampled_by=0.3.5.3-alpha
listed=1 confirmed_on=2018-10-23!T18:31:03 confirmed_idx=2
pb_circ_attempts=1.000000 pb_circ_successes=1.000000
pb_successful_circuits_closed=1.000000
Guard in=default rsa_id=2AE442FFA549D6C5EE1208D1FB75E5751DBB3992
nickname=test035r sampled_on=2018-10-23!T05:00:23 sampled_by=0.3.5.3-alpha
unlisted_since=2018-10-25!T11:09:47 listed=0
Guard in=default rsa_id=44711053A24B2C5AF71383525CBCFDEE20BEEDFD
nickname=test010r sampled_on=2018-10-23!T11:41:25 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=6F999ACBBDC74290E7CF6CA8E7FCCC83262F31FA
nickname=test031r sampled_on=2018-10-23!T14:34:54 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=BD7181E1F07B6861C9364C1EAED80A4D1F3165C2
nickname=test005r sampled_on=2018-10-15!T13:55:08 sampled_by=0.3.5.3-alpha
listed=1 confirmed_on=2018-10-25!T03:33:03 confirmed_idx=0
pb_use_attempts=18.000000 pb_use_successes=18.000000
pb_circ_attempts=41.000000 pb_circ_successes=38.000000
pb_successful_circuits_closed=37.000000 pb_collapsed_circuits=1.000000
pb_timeouts=7.000000
Guard in=default rsa_id=38EA4662196889A9F00C17BA013FEBAD3BB79402
nickname=test003a sampled_on=2018-10-23!T08:15:56 sampled_by=0.3.5.3-alpha
listed=1
Guard in=default rsa_id=3FE678DE44C4BF8979353670240385045FCB1155
nickname=test014r sampled_on=2018-10-19!T04:15:31 sampled_by=0.3.5.3-alpha
listed=1
!TorVersion Tor 0.3.5.3-alpha (git-444e9b37c53b0246)
!LastWritten 2018-10-26 12:53:22
!TotalBuildTimes 108
!CircuitBuildTimeBin 25 15
!CircuitBuildTimeBin 75 49
!CircuitBuildTimeBin 125 26
!CircuitBuildTimeBin 175 4
!CircuitBuildTimeBin 225 2
!CircuitBuildTimeBin 275 3
!CircuitBuildTimeBin 325 3
!CircuitBuildTimeBin 425 2
!CircuitBuildTimeBin 475 2
!CircuitBuildTimeBin 575 2
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23512#comment:35>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list