[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] resume being printist: if the hostname contains non-printable
Update of /home2/or/cvsroot/tor/src/or
In directory moria:/home/arma/work/onion/cvs/tor/src/or
Modified Files:
buffers.c connection_edge.c
Log Message:
resume being printist: if the hostname contains non-printable
characters, then fail. this time don't even bother telling the
server operator about these cases, because what's he going to do?
if it turns out that some significant population somewhere in the
world uses non-printable hostnames and wants to use tor, then i
hereby assume that they will contact us.
Index: buffers.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/buffers.c,v
retrieving revision 1.188
retrieving revision 1.189
diff -u -p -d -r1.188 -r1.189
--- buffers.c 15 Mar 2006 19:17:34 -0000 1.188
+++ buffers.c 15 Mar 2006 23:36:57 -0000 1.189
@@ -1003,7 +1003,13 @@ fetch_from_buf_socks(buf_t *buf, socks_r
req->address[len] = 0;
req->port = ntohs(get_uint16(buf->cur+5+len));
buf_remove_from_front(buf, 5+len+2);
-
+ if (!tor_strisprint(req->address) || strchr(req->address,'\"')) {
+ log_warn(LD_PROTOCOL,
+ "Your application (using socks5 on port %d) gave Tor "
+ "a malformed hostname: %s. Rejecting the connection.",
+ req->port, escaped(req->address));
+ return -1;
+ }
if (log_sockstype)
log_notice(LD_APP,
"Your application (using socks5 on port %d) gave "
@@ -1098,6 +1104,13 @@ fetch_from_buf_socks(buf_t *buf, socks_r
log_debug(LD_APP,"socks4: Everything is here. Success.");
strlcpy(req->address, startaddr ? startaddr : tmpbuf,
sizeof(req->address));
+ if (!tor_strisprint(req->address) || strchr(req->address,'\"')) {
+ log_warn(LD_PROTOCOL,
+ "Your application (using socks4 on port %d) gave Tor "
+ "a malformed hostname: %s. Rejecting the connection.",
+ req->port, escaped(req->address));
+ return -1;
+ }
/* next points to the final \0 on inbuf */
buf_remove_from_front(buf, next-buf->cur+1);
return 1;
Index: connection_edge.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/connection_edge.c,v
retrieving revision 1.385
retrieving revision 1.386
diff -u -p -d -r1.385 -r1.386
--- connection_edge.c 15 Mar 2006 19:17:34 -0000 1.385
+++ connection_edge.c 15 Mar 2006 23:36:57 -0000 1.386
@@ -1533,6 +1533,13 @@ connection_exit_begin_conn(cell_t *cell,
tor_free(address);
return 0;
}
+ if (!tor_strisprint(address)) {
+ log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+ "Non-printing characters in address %s in relay "
+ "begin cell. Dropping.", escaped(address));
+ tor_free(address);
+ return 0;
+ }
log_debug(LD_EXIT,"Creating new exit connection.");
n_stream = connection_new(CONN_TYPE_EXIT);