[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] Validating SOCKS5 hostname more correctly.

commit 2862b769deaaaa40347ffe808349c4e139e7eb45
Author: rl1987 <rl1987@xxxxxxxxxxxxxxxx>
Date:   Sun Oct 12 21:04:15 2014 +0300

    Validating SOCKS5 hostname more correctly.
---
 src/or/buffers.c      |   10 +++++++++-
 src/test/test_socks.c |   11 +++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/src/or/buffers.c b/src/or/buffers.c
index d174f81..e98f569 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -2048,7 +2048,15 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req,
           req->address[len] = 0;
           req->port = ntohs(get_uint16(data+5+len));
           *drain_out = 5+len+2;
-          if (!tor_strisprint(req->address) || strchr(req->address,'\"')) {
+
+          if (string_is_valid_ipv4_address(req->address)) {
+            log_unsafe_socks_warning(5,req->address,req->port,safe_socks);
+
+            if (safe_socks)
+              return -1;
+          }
+
+          if (!string_is_valid_hostname(req->address)) {
             log_warn(LD_PROTOCOL,
                      "Your application (using socks5 to port %d) gave Tor "
                      "a malformed hostname: %s. Rejecting the connection.",
diff --git a/src/test/test_socks.c b/src/test/test_socks.c
index 2b8f824..b9520b5 100644
--- a/src/test/test_socks.c
+++ b/src/test/test_socks.c
@@ -229,6 +229,17 @@ test_socks_5_supported_commands(void *ptr)
   tt_int_op(0,==, buf_datalen(buf));
   socks_request_clear(socks);
 
+  /* SOCKS 5 Should reject RESOLVE [F0] request for IPv4 address
+   * string if SafeSocks is enabled. */
+
+  ADD_DATA(buf, "\x05\x01\x00");
+  ADD_DATA(buf, "\x05\xF0\x00\x03\x07");
+  ADD_DATA(buf, "8.8.8.8");
+  ADD_DATA(buf, "\x01\x02");
+  tt_assert(fetch_from_buf_socks(buf,socks,get_options()->TestSocks,1)
+            == -1);
+  socks_request_clear(socks);
+
   /* SOCKS 5 Send RESOLVE_PTR [F1] for IP address 2.2.2.5 */
   ADD_DATA(buf, "\x05\x01\x00");
   ADD_DATA(buf, "\x05\xF1\x00\x01\x02\x02\x02\x05\x01\x03");



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits