[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #30721 [Core Tor/Tor]: tor_addr_port_lookup() is overly permissive
#30721: tor_addr_port_lookup() is overly permissive
-------------------------------------------------+-------------------------
Reporter: teor | Owner: teor
Type: defect | Status:
| needs_review
Priority: Medium | Milestone: Tor:
| 0.4.2.x-final
Component: Core Tor/Tor | Version: Tor:
| unspecified
Severity: Normal | Resolution:
Keywords: technical-debt, tor-addr, refactor, | Actual Points: 1.5
practracker-improvement |
Parent ID: | Points: 0.5
Reviewer: catalyst | Sponsor:
| Sponsor31-can
-------------------------------------------------+-------------------------
Changes (by teor):
* status: needs_revision => needs_review
* actualpoints: 1.0 => 1.5
Comment:
Replying to [comment:5 teor]:
> Replying to [comment:4 catalyst]:
> > * Maybe add unit tests to ensure that IPv4 addresses with square
brackets get rejected?
>
> Hmm yeah the unit tests are not in a great state. I'm working on them.
So I found two bugs while improving the unit tests:
* ambiguous IPv6:port without brackets were allowed, now they are banned
in the address-port parsing functions only (1b39bde)
* sometimes the port was set on failure, now it is always zero (679cce7)
I rewrote the tests and added a lot of tests cases, to make sure we
covered all these changes.
Some of the ambiguous test cases may fail on Linux or Windows (I only
tested on macOS), so I'll check CI in an hour or so to make sure.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30721#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs