[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #30721 [Core Tor/Tor]: tor_addr_port_lookup() is overly permissive



#30721: tor_addr_port_lookup() is overly permissive
--------------------------------------+------------------------------------
 Reporter:  teor                      |          Owner:  teor
     Type:  defect                    |         Status:  needs_review
 Priority:  Medium                    |      Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor              |        Version:  Tor: unspecified
 Severity:  Normal                    |     Resolution:
 Keywords:  technical-debt, tor-addr  |  Actual Points:  0.5
Parent ID:                            |         Points:  0.5
 Reviewer:                            |        Sponsor:  Sponsor31-can
--------------------------------------+------------------------------------
Changes (by teor):

 * status:  assigned => needs_review
 * keywords:  technical-debt, operator-visible-change => technical-debt,
     tor-addr
 * points:  0.2 => 0.5
 * version:   => Tor: unspecified
 * actualpoints:  0.2 => 0.5


Comment:

 This bug was introduced in in 0.2.1.5-alpha, when tor_addr_lookup() was
 called tor_addr_port_parse().

 The first commit fixes the bug, the next two commits refactor the code so
 the logic is clearer. I split tor_addr_lookup() into 3 separate functions
 as part of the refactor, the split gets rid of a practracker exception.

 See my pull request https://github.com/torproject/tor/pull/1068

 This change will break some rare, invalid tor configs, so we can't
 backport it.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30721#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs