[tor-bugs] #30721 [Core Tor/Tor]: tor_addr_port_lookup() is overly permissive
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Jun 2 09:12:49 UTC 2019
#30721: tor_addr_port_lookup() is overly permissive
--------------------------------------+------------------------------------
Reporter: teor | Owner: teor
Type: defect | Status: needs_review
Priority: Medium | Milestone: Tor: 0.4.2.x-final
Component: Core Tor/Tor | Version: Tor: unspecified
Severity: Normal | Resolution:
Keywords: technical-debt, tor-addr | Actual Points: 0.5
Parent ID: | Points: 0.5
Reviewer: | Sponsor: Sponsor31-can
--------------------------------------+------------------------------------
Changes (by teor):
* status: assigned => needs_review
* keywords: technical-debt, operator-visible-change => technical-debt,
tor-addr
* points: 0.2 => 0.5
* version: => Tor: unspecified
* actualpoints: 0.2 => 0.5
Comment:
This bug was introduced in in 0.2.1.5-alpha, when tor_addr_lookup() was
called tor_addr_port_parse().
The first commit fixes the bug, the next two commits refactor the code so
the logic is clearer. I split tor_addr_lookup() into 3 separate functions
as part of the refactor, the split gets rid of a practracker exception.
See my pull request https://github.com/torproject/tor/pull/1068
This change will break some rare, invalid tor configs, so we can't
backport it.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30721#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list