[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #4920 [Pluggable transport]: obfsproxy: pending_socks_cb() proceeds even if getpeername() fails.

To: undisclosed-recipients:;
Subject: [tor-bugs] #4920 [Pluggable transport]: obfsproxy: pending_socks_cb() proceeds even if getpeername() fails.
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Mon, 16 Jan 2012 16:14:16 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 16 Jan 2012 11:14:30 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#4920: obfsproxy: pending_socks_cb() proceeds even if getpeername() fails.
---------------------------------+------------------------------------------
 Reporter:  asn                  |          Owner:  asn
     Type:  defect               |         Status:  new
 Priority:  normal               |      Milestone:     
Component:  Pluggable transport  |        Version:     
 Keywords:                       |         Parent:     
   Points:                       |   Actualpoints:     
---------------------------------+------------------------------------------
 `network.c:pending_socks_cb()`:
 {{{
 ...
     /* Figure out where we actually connected to, and tell the socks
 client */
     if (getpeername(bufferevent_getfd(bev), sa, &slen) == 0) {
       socks_state_set_address(socks, sa);
       if (!down->peername)
         down->peername = printable_address(sa, slen);
     }
     socks_send_reply(socks, bufferevent_get_output(up->buffer), 0);
 ...
 }}}

 If getpeername() fails, we shouldn't proceed with sending a positive SOCKS
 reply.

 `socks_send_reply` also messes around with socks_state_t.parsereq which is
 not filled if `socks_state_set_address` was not called.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4920>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #4920 [Pluggable transport]: obfsproxy: pending_socks_cb() proceeds even if getpeername() fails.
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #4920 [Pluggable transport]: obfsproxy: pending_socks_cb() proceeds even if getpeername() fails.
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #4920 [Pluggable transport]: obfsproxy: pending_socks_cb() proceeds even if getpeername() fails.
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #4920 [Pluggable transport]: obfsproxy: pending_socks_cb() proceeds even if getpeername() fails.
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #4913 [Stem]: Add stem.util.conf.Config.save()
Next by Author: Re: [tor-bugs] #4920 [Pluggable transport]: obfsproxy: pending_socks_cb() proceeds even if getpeername() fails.
Previous by thread: Re: [tor-bugs] #4919 [Pluggable transport]: obfsproxy: Wrong sizeof target in pending_socks_cb()
Next by thread: Re: [tor-bugs] #4920 [Pluggable transport]: obfsproxy: pending_socks_cb() proceeds even if getpeername() fails.
Index(es):
- Author
- Thread