[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #2683 [Tor Directory Authority]: authority received unparseable routerstatus entry
#2683: authority received unparseable routerstatus entry
-------------------------------------+--------------------------------------
Reporter: arma | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone:
Component: Tor Directory Authority | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------------------+--------------------------------------
Changes (by rransom):
* priority: critical => normal
Comment:
Replying to [comment:5 rransom]:
> Replying to [comment:4 arma]:
> > Are we really calling strlen on an arbitrary vote blob we got from the
network?
>
> Yes, even though that's the wrong way to determine the length of that
particular blob. And worse, we're calling `strlen` on a blob some fuzzer
handed us ''after we parse it''.
`strlen` is the least scary operation we perform on that blob. (Yes, I
know it could contain embedded NULs.)
Decreasing priority back to ânormalâ as well, because this is hardly the
scariest parser that an attacker can feed nastygrams to.
We should consider the following possible improvements, though:
* Demote the warning messages to âprotocol warningsâ, so that the guy with
the fuzzer can't spam the DAs' logs with as many junk warnings.
* Save ''all'' blobs received from the network to disk before trying to
parse them, mainly so that if someone does crash an authority, we ''know''
we have a copy of the malicious input (and we don't have to dig it out of
a core dump).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2683#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs