[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #33788 [Core Tor/Tor]: Check the return value of tor_inet_ntop()

To: undisclosed-recipients: ;
Subject: [tor-bugs] #33788 [Core Tor/Tor]: Check the return value of tor_inet_ntop()
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 01 Apr 2020 23:38:28 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 01 Apr 2020 19:38:37 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: no-reply@xxxxxxxxxxxxxx, blackhole@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#33788: Check the return value of tor_inet_ntop()
-------------------------+-------------------------------------------------
     Reporter:  teor     |      Owner:  (none)
         Type:  defect   |     Status:  new
     Priority:  Medium   |  Milestone:  Tor: 0.4.4.x-final
    Component:  Core     |    Version:
  Tor/Tor                |   Keywords:  044-should, security-low,
     Severity:  Normal   |  035-backport, 041-backport, 042-backport,
                         |  043-backport, outreachy-ipv6, ipv6
Actual Points:           |  Parent ID:  #33768
       Points:  1        |   Reviewer:
      Sponsor:           |
  Sponsor55-must         |
-------------------------+-------------------------------------------------
 The following functions don't check the return value of tor_inet_ntop():
 * tor_dup_ip(), IPv4 only, unlikely to be a serious bug
 * evdns_callback(), multiple times, IPv6, could be serious

 These functions should log a bug log using BUG(), and return an error.

 We will also need to make their callers check for the error.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33788>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #33788 [Core Tor/Tor]: Check the return value of tor_inet_ntop() and tor_inet_ntoa()
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #33788 [Core Tor/Tor]: Check the return value of tor_inet_ntop() and tor_inet_ntoa() (was: Check the return value of tor_inet_ntop())
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #33788 [Core Tor/Tor]: Check the return value of tor_inet_ntop() and tor_inet_ntoa()
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #33156 [Core Tor/Tor]: DoS subsystem should compare IPv6 /64
Next by Author: Re: [tor-bugs] #28766 [Applications/Tor Browser]: Tor Build for Android
Previous by thread: Re: [tor-bugs] #33768 [Core Tor/Tor]: Make tor_inet_pton() handle bad addresses consistently on Windows
Next by thread: Re: [tor-bugs] #33788 [Core Tor/Tor]: Check the return value of tor_inet_ntop() and tor_inet_ntoa() (was: Check the return value of tor_inet_ntop())
Index(es):
- Author
- Thread