[tor-bugs] #22469 [Core Tor/Tor]: tor should better validate invalid ipv6 address:port definitions
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jun 2 19:17:39 UTC 2017
#22469: tor should better validate invalid ipv6 address:port definitions
--------------------------+------------------------------------
Reporter: toralf | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version: Tor: 0.3.1.2-alpha
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------------
Comment (by catalyst):
`tor.1.txt` documents the port number as optional for ExitPolicy, so if
it's a tor bug, it's a documented one. It doesn't explicitly say whether
the `0x` prefix is allowed for specifying hexadecimal port numbers. A
comment in `exit_policy.py` says that the `exitpattern` spec in `dir-
spec.txt` is stricter than what torrc allows. Is the problem that tor is
propagating some `exitpattern`s to descriptors or to the control protocol
without normalizing them to the stricter `dir-spec.txt` grammar?
(Also toralf not teor is the reporter of this ticket.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22469#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list