[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] [PATCH] Log malformed hostnames in socks5 request respecting SafeLogging



Hello,

I found a warning-level message in socks5 code relating to malformed
hostnames that did not respect the SafeLogging setting, breaking the
rule of least surprise. Please review the attached simple patch.

Andreas

-- 
Andreas Stieger <astieger@xxxxxxxx>
Project Manager Security
SUSE Linux GmbH, GF: Felix ImendÃrffer, Jane Smithard, Graham Norton,
HRB 21284 (AG NÃrnberg)
From 4ff76af350aa7813300ed91fc1ca90d7fad68a14 Mon Sep 17 00:00:00 2001
From: Andreas Stieger <astieger@xxxxxxxx>
Date: Mon, 24 Aug 2015 01:04:44 +0200
Subject: [PATCH] Log malformed hostnames in socks5 request respecting
 SafeLogging

---
 changes/malformed-hostname-safe-logging | 3 +++
 src/or/buffers.c                        | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)
 create mode 100644 changes/malformed-hostname-safe-logging

diff --git a/changes/malformed-hostname-safe-logging b/changes/malformed-hostname-safe-logging
new file mode 100644
index 0000000..9300726
--- /dev/null
+++ b/changes/malformed-hostname-safe-logging
@@ -0,0 +1,3 @@
+  o Minor bugfixes:
+    - When logging malformed hostnames in socks5 requests, respect
+      SafeLogging configuration
diff --git a/src/or/buffers.c b/src/or/buffers.c
index 2d7dd93..85fcbc6 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -1842,7 +1842,7 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req,
             log_warn(LD_PROTOCOL,
                      "Your application (using socks5 to port %d) gave Tor "
                      "a malformed hostname: %s. Rejecting the connection.",
-                     req->port, escaped(req->address));
+                     req->port, escaped_safe_str_client(req->address));
             return -1;
           }
           if (log_sockstype)
-- 
2.1.4

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev