[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #30721 [Core Tor/Tor]: tor_addr_port_lookup() is overly permissive



#30721: tor_addr_port_lookup() is overly permissive
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  teor
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.4.2.x-final
Component:  Core Tor/Tor                         |        Version:  Tor:
                                                 |  unspecified
 Severity:  Normal                               |     Resolution:
 Keywords:  technical-debt, tor-addr, refactor,  |  Actual Points:  1.0
  practracker-improvement                        |
Parent ID:                                       |         Points:  0.5
 Reviewer:  catalyst                             |        Sponsor:
                                                 |  Sponsor31-can
-------------------------------------------------+-------------------------
Changes (by teor):

 * actualpoints:  0.5 => 1.0


Comment:

 Replying to [comment:4 catalyst]:
 > Replying to [comment:1 teor]:
 > > This bug was introduced in in 0.2.1.5-alpha, when tor_addr_lookup()
 was called tor_addr_port_parse().
 > >
 > > The first commit fixes the bug, the next two commits refactor the code
 so the logic is clearer. I split tor_addr_lookup() into 3 separate
 functions as part of the refactor, the split gets rid of a practracker
 exception.
 > >
 > > See my pull request https://github.com/torproject/tor/pull/1068
 > >
 > > This change will break some rare, invalid tor configs, so we can't
 backport it.
 > Thanks! This looks good by visual inspection. The commit structure is
 helpful. The first commit could use a few minor changes:
 > * Add a changes file

 The PR already has changes/bug30721:
 https://github.com/torproject/tor/pull/1068/files#diff-
 82ae46251bd81539f5fb75c1d7e7a82b

 > * Maybe add unit tests to ensure that IPv4 addresses with square
 brackets get rejected?

 Hmm yeah the unit tests are not in a great state. I'm working on them.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30721#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs