
[tor-commits] [torsocks/master] Fix: remove gethostent() usage



commit 6f8237cc1a7d2d4592734707de0a188eb79ed0af
Author: David Goulet <dgoulet@xxxxxxxxx>
Date:   Sat Feb 8 12:34:54 2014 -0500

    Fix: remove gethostent() usage
    
    Torsocks should not allow any local file resolution for external
    hostnames (i.e. anything that is not localhost). Furthermore,
    gethostent() could do an LDAP listing and is thus clearly UNSAFE here.
    
    This patch removes the use of gethostent() and replaces it with the new
    utils function that only resolves the hostname against the hardcoded
    localhost value.
    
    Signed-off-by: David Goulet <dgoulet@xxxxxxxxx>
---
 src/lib/torsocks.c |   40 ++++------------------------------------
 1 file changed, 4 insertions(+), 36 deletions(-)

diff --git a/src/lib/torsocks.c b/src/lib/torsocks.c
index d97a598..fbb091e 100644
--- a/src/lib/torsocks.c
+++ b/src/lib/torsocks.c
@@ -320,40 +320,6 @@ error:
 }
 
 /*
- * Lookup the local host table (usually /etc/hosts) for a given hostname.
- *
- * If found, ip_addr is populated and 0 is returned.
- * If NOT found, -1 is return and ip_addr is untouched.
- */
-static int hosts_file_resolve(const char *hostname, uint32_t *ip_addr)
-{
-	int ret;
-	struct hostent *host;
-
-	assert(hostname);
-	assert(ip_addr);
-
-	DBG("Looking in local host table for %s", hostname);
-
-	/* Query the local host table if the hostname is present. */
-	while ((host = gethostent()) != NULL) {
-		if (strncasecmp(hostname, host->h_name, strlen(hostname)) == 0) {
-			/* IP is found, copying and returning success. */
-			memcpy(ip_addr, host->h_addr_list[0], sizeof(uint32_t));
-			ret = 0;
-			goto end;
-		}
-	}
-
-	/* Not found. */
-	ret = -1;
-
-end:
-	endhostent();
-	return ret;
-}
-
-/*
  * Initiate a SOCK5 connection to the Tor network using the given connection.
  * The socks5 API will use the torsocks configuration object to find the tor
  * daemon.
@@ -401,8 +367,10 @@ int tsocks_tor_resolve(const char *hostname, uint32_t *ip_addr)
 	assert(hostname);
 	assert(ip_addr);
 
-	ret = hosts_file_resolve(hostname, ip_addr);
-	if (!ret) {
+	ret = utils_localhost_resolve(hostname, AF_INET, ip_addr,
+			sizeof(uint32_t));
+	if (ret) {
+		/* Found to be a localhost name. */
 		goto end;
 	}
 
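Review bot: The rewritten check `if (ret) { ... goto end; }` reaches `end` with `ret` still non-zero on a localhost match, whereas the removed `if (!ret)` path reached it with `ret == 0`. The `end:` label and the rest of tsocks_tor_resolve() lie outside this hunk, so this is inferred: if `end:` simply returns `ret`, callers that treat non-zero as failure would now see a successful localhost hit as an error. Adding `ret = 0;` before the `goto end;` would keep the previous return contract. It is also worth confirming that utils_localhost_resolve() can never return a negative error code, because `if (ret)` would take that as a match and leave `ip_addr` unwritten; `if (ret > 0)` with a separate `ret < 0` error path would make the distinction explicit.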


