[tor-bugs] #4434 [Tor Client]: Buffer bounds check bug in tor_addr_to_str
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Nov 9 02:54:52 UTC 2011
#4434: Buffer bounds check bug in tor_addr_to_str
------------------------+---------------------------------------------------
Reporter: 4ZM | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone:
Component: Tor Client | Version:
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by nickm):
Looks good! I can cherry-pick this commit if you want, or wait for a
cleaned-up branch that doesn't also have #4433 and #4432 on it.
Small stuff to fix or not, your choice:
The failing test_eq checks should probably be doing a test_ptr_eq test for
NULL; test_eq is (conceptually) supposed to be for numeric types.
From a black-box testing perspective, I note that in all the cases that
test for a "too short buf", the buffer length is smaller than the smallest
possible value of that type. Does it also work correctly in the case
where (for example) we want to put the address 255.255.255.255 into a
10-byte buffer?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4434#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list