[tor-bugs] #27367 [Core Tor/Tor]: Authorities should reject non-UTF-8 in relay descriptors
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Sep 2 22:34:11 UTC 2018
#27367: Authorities should reject non-UTF-8 in relay descriptors
-------------------------------------------------+-------------------------
Reporter: teor | Owner: (none)
Type: defect | Status:
| needs_revision
Priority: Medium | Milestone: Tor:
| 0.3.6.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: rust-wants, prop285, | Actual Points:
034-triage-20180328, 034-removed-20180328 |
Parent ID: #24033 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by teor):
Replying to [comment:13 cyberpunks]:
> Replying to [comment:7 teor]:
> > Since the UTF-8 checking function accepts a length, we should probably
also check for NUL. If we fail on the first NUL, this check becomes a
last-ditch memory safety check, as most bytes in RAM are NUL.
> >
> > We should probably also log a bug warning if the function encounters a
NUL byte:
>
> Receiving a NUL byte isn't a bug though. This function is processing
untrusted input from `fetch_from_buf_http()` that might contain anything
including NUL bytes.
Right, it's not a bug in tor, but it is a protocol violation. (NUL bytes
are ok in compressed content. But when it's uncompressed, it should all be
UTF-8.)
We probably don't need a separate check then.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27367#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list