[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #21450 [Core Tor/Tor]: Consistently parse tor versions regardless of word size

#21450: Consistently parse tor versions regardless of word size
------------------------------+--------------------------------
     Reporter:  teor          |      Owner:
         Type:  defect        |     Status:  new
     Priority:  Medium        |  Milestone:  Tor: 0.3.0.x-final
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:
Actual Points:                |  Parent ID:
       Points:  0.5           |   Reviewer:
      Sponsor:                |
------------------------------+--------------------------------
 We use strtol() in tor_version_parse(), but longs are different sizes on
 32-bit and 64-bit.

 Casting long to int means that some versions that look different on 64-bit
 platforms could be truncated and look the same on 32-bit platforms. And
 some versions that parse on 64-bit platforms fail to parse on 32-bit
 platforms (particularly after #21278, because the cast makes some of them
 negative).

 This fix does not need a new consensus method, because we reject router
 descriptors with version components that don't parse in #21278.

 Here's my patch:
 {{{
 diff --git a/src/or/routerparse.c b/src/or/routerparse.c
 index 58b9a22438..9d8ef11ac7 100644
 --- a/src/or/routerparse.c
 +++ b/src/or/routerparse.c
 @@ -4840,6 +4840,7 @@ tor_version_parse(const char *s, tor_version_t *out)
  {
    char *eos=NULL;
    const char *cp=NULL;
 +  int ok = 1;
    /* Format is:
     *   "Tor " ? NUM dot NUM [ dot NUM [ ( pre | rc | dot ) NUM ] ] [ -
 tag ]
     */
 @@ -4855,7 +4856,9 @@ tor_version_parse(const char *s, tor_version_t *out)

  #define NUMBER(m)                               \
    do {                                          \
 -    out->m = (int)strtol(cp, &eos, 10);         \
 +    out->m = (int)tor_parse_uint64(val, 10, 0, INT32_MAX, &ok, &eos); \
 +    if (!ok)                                    \
 +      return -1;                                \
      if (!eos || eos == cp)                      \
        return -1;                                \
      cp = eos;                                   \
 }}}

 This might also need a torspec patch saying that INT_MAX is the limit, or
 that implementations can place limits on version numbers.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21450>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs