[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/maint-0.2.9] When examining descriptors as a dirserver, reject ones with bad versions
commit 02e05bd74dbec614397b696cfcda6525562a4675
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Mon Feb 13 11:18:04 2017 -0500
When examining descriptors as a dirserver, reject ones with bad versions
This is an extra fix for bug 21278: it ensures that these
descriptors and platforms will never be listed in a legit consensus.
---
changes/bug21278_prevention | 4 ++++
src/or/dirserv.c | 10 ++++++++++
2 files changed, 14 insertions(+)
diff --git a/changes/bug21278_prevention b/changes/bug21278_prevention
new file mode 100644
index 0000000..e07f0a6
--- /dev/null
+++ b/changes/bug21278_prevention
@@ -0,0 +1,4 @@
+ o Minor features (directory authority):
+ - Directory authorities now reject descriptors that claim to be
+ malformed versions of Tor. Helps prevent exploitation of bug 21278.
+
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 1b614b9..fa3938b 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -365,6 +365,16 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
strmap_size(fingerprint_list->fp_by_name),
digestmap_size(fingerprint_list->status_by_digest));
+ if (platform) {
+ tor_version_t ver_tmp;
+ if (tor_version_parse_platform(platform, &ver_tmp, 1) < 0) {
+ if (msg) {
+ *msg = "Malformed platform string.";
+ }
+ return FP_REJECT;
+ }
+ }
+
/* Versions before Tor 0.2.4.18-rc are too old to support, and are
* missing some important security fixes too. Disable them. */
if (platform && !tor_version_as_new_as(platform,"0.2.4.18-rc")) {
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits