Re: [tor-bugs] #4745 [Tor Relay]: Possible flaws in sockaddr validation in connection_handle_listener_read()

["Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>]

#4745: Possible flaws in sockaddr validation in connection_handle_listener_read()
-----------------------+----------------------------------------------------
 Reporter:  asn        |          Owner:                    
     Type:  defect     |         Status:  new               
 Priority:  normal     |      Milestone:  Tor: 0.2.2.x-final
Component:  Tor Relay  |        Version:                    
 Keywords:             |         Parent:                    
   Points:             |   Actualpoints:                    
-----------------------+----------------------------------------------------
Changes (by nickm):

  * milestone:  => Tor: 0.2.2.x-final


Comment:

 It looks like an extra "tor_close_socket(); return 0;" is in order here.

 (This isn't actually likely to come up, since getsockname() seems to be
 only allowed to fail for reasons that can't actually happen with this
 code.... but then again, if everything that seems impossible never
 happened, we would have far fewer bugs.)

 Oh!  Also, this shouldn't be getsockname!  It should be getpeername...
 which makes me think that whatever was making check_sockaddr trigger for
 arma back in 2005 is no longer happening.  Opening a new bug for that one.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4745#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs