[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #27367 [Core Tor/Tor]: Authorities and relays should reject non-UTF-8 in relay descriptors



#27367: Authorities and relays should reject non-UTF-8 in relay descriptors
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  (none)
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.6.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  rust-wants, prop285,                 |  Actual Points:
  034-triage-20180328, 034-removed-20180328      |
Parent ID:  #24033                               |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by atagar):

 Related a few past tickets where this has bitten us.

 Just a quick note that dirauths could use Stem as a tool for rejecting
 malformed content. It does stricter validation than the tor binary that
 descriptors are conformant with the spec. I've been performing this check
 through DocTor since 2013, filing tickets each time more bad data makes it
 into the consensus...

 https://gitweb.torproject.org/doctor.git/tree/descriptor_checker.py

 Bad data chokes not only Stem, but metrics-lib and anything else that
 ingests it.

 Clearly in an ideal world the tor binary itself would do better validation
 but in the absence of that if we took advantage of Stem's validator I
 wouldn't need to keep filing tickets every few months. Using Stem on
 dirauths to reject malformed descriptors would prevent these issues
 upfront, saving Karsten and I hassle.

 If that's a no-go I could also redirect the DocTor check I mention above
 to email other folks (Nick? teor? Maybe the network team list?) so I don't
 need to file tickets each time this comes up.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27367#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs