[tor-bugs] #30721 [Core Tor/Tor]: tor_addr_port_lookup() is overly permissive
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jun 13 15:12:43 UTC 2019
#30721: tor_addr_port_lookup() is overly permissive
-------------------------------------------------+-------------------------
Reporter: teor | Owner: teor
Type: defect | Status:
| needs_revision
Priority: Medium | Milestone: Tor:
| 0.4.2.x-final
Component: Core Tor/Tor | Version: Tor:
| unspecified
Severity: Normal | Resolution:
Keywords: technical-debt, tor-addr, refactor, | Actual Points: 1.0
practracker-improvement |
Parent ID: | Points: 0.5
Reviewer: catalyst | Sponsor:
| Sponsor31-can
-------------------------------------------------+-------------------------
Changes (by teor):
* actualpoints: 0.5 => 1.0
Comment:
Replying to [comment:4 catalyst]:
> Replying to [comment:1 teor]:
> > This bug was introduced in in 0.2.1.5-alpha, when tor_addr_lookup()
was called tor_addr_port_parse().
> >
> > The first commit fixes the bug, the next two commits refactor the code
so the logic is clearer. I split tor_addr_lookup() into 3 separate
functions as part of the refactor, the split gets rid of a practracker
exception.
> >
> > See my pull request https://github.com/torproject/tor/pull/1068
> >
> > This change will break some rare, invalid tor configs, so we can't
backport it.
> Thanks! This looks good by visual inspection. The commit structure is
helpful. The first commit could use a few minor changes:
> * Add a changes file
The PR already has changes/bug30721:
https://github.com/torproject/tor/pull/1068/files#diff-
82ae46251bd81539f5fb75c1d7e7a82b
> * Maybe add unit tests to ensure that IPv4 addresses with square
brackets get rejected?
Hmm yeah the unit tests are not in a great state. I'm working on them.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30721#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list