[or-cvs] r18812: {tor} We were already rejecting relay begin cells with destination (in tor/trunk: . src/or)



Author: arma
Date: 2009-03-08 20:53:42 -0400 (Sun, 08 Mar 2009)
New Revision: 18812

Modified:
   tor/trunk/ChangeLog
   tor/trunk/src/or/circuitbuild.c
Log:
We were already rejecting relay begin cells with destination port
of 0. Now also reject extend cells with destination port or address
of 0. Suggested by lark.


Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog	2009-03-09 00:43:03 UTC (rev 18811)
+++ tor/trunk/ChangeLog	2009-03-09 00:53:42 UTC (rev 18812)
@@ -38,6 +38,9 @@
       manner, to avoid platform-dependent behavior on malformed input.
     - Build correctly when configured to build outside the main source
       path. Patch from Michael Gold.
+    - We were already rejecting relay begin cells with destination port
+      of 0. Now also reject extend cells with destination port or address
+      of 0. Suggested by lark.
 
   o Minor bugfixes (on 0.2.1.x):
     - Don't re-extend introduction circuits if we ran out of RELAY_EARLY
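Review bot: The new entry ("Now also reject extend cells with destination port or address of 0") says what is rejected but not why, nor what happens to the request afterwards; a short clause giving the reason would help anyone who later sees the matching warning in their logs. The heading of the section this entry joins is outside the visible context (only the following "o Minor bugfixes (on 0.2.1.x):" heading is shown), so it is worth confirming the entry landed under the intended heading.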

Modified: tor/trunk/src/or/circuitbuild.c
===================================================================
--- tor/trunk/src/or/circuitbuild.c	2009-03-09 00:43:03 UTC (rev 18811)
+++ tor/trunk/src/or/circuitbuild.c	2009-03-09 00:53:42 UTC (rev 18812)
@@ -762,7 +762,13 @@
   id_digest = cell->payload+RELAY_HEADER_SIZE+4+2+ONIONSKIN_CHALLENGE_LEN;
   tor_addr_from_ipv4h(&n_addr, n_addr32);
 
-  /* First, check if they asked us for 0000..0000. We support using
+  if (!n_port || !n_addr32) {
+    log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+           "Client asked me to extend to zero destination port or addr.");
+    return -1;
+  }
+
+  /* Check if they asked us for 0000..0000. We support using
    * an empty fingerprint for the first hop (e.g. for a bridge relay),
    * but we don't want to let people send us extend cells for empty
    * fingerprints -- a) because it opens the user up to a mitm attack,
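Review bot: The added `if (!n_port || !n_addr32)` block logs a single message, "Client asked me to extend to zero destination port or addr.", for two different failures, so the log cannot distinguish a zero port from a zero address; consider naming which field was zero. The block also has no comment explaining why a zero port or address is invalid, unlike the fingerprint check right below it, which documents its reasoning. Finally, the test sits after `tor_addr_from_ipv4h(&n_addr, n_addr32)`; checking `n_port` and `n_addr32` before that conversion would reject the malformed cell before any further work is done on it.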