[or-cvs] r18424: {tor} backport r18420 and r18423 (in tor/branches/tor-0_2_0-patches: . doc src/or)

arma at seul.org arma at seul.org
Mon Feb 9 03:21:04 UTC 2009 

Author: arma
Date: 2009-02-08 22:21:04 -0500 (Sun, 08 Feb 2009)
New Revision: 18424

Modified:
   tor/branches/tor-0_2_0-patches/ChangeLog
   tor/branches/tor-0_2_0-patches/doc/TODO.020
   tor/branches/tor-0_2_0-patches/src/or/routerparse.c
Log:
backport r18420 and r18423


Modified: tor/branches/tor-0_2_0-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_2_0-patches/ChangeLog	2009-02-09 03:13:14 UTC (rev 18423)
+++ tor/branches/tor-0_2_0-patches/ChangeLog	2009-02-09 03:21:04 UTC (rev 18424)
@@ -1,17 +1,19 @@
 Changes in version 0.2.0.34 - 2009-02-08
-  o Major bugfixes:
+  o Security fixes:
     - Fix an infinite-loop bug on handling corrupt votes under certain
       circumstances. Bugfix on 0.2.0.8-alpha.
+    - Fix a temporary DoS vulnerability that could be performed by
+      a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.
     - Avoid a potential crash on exit nodes when processing malformed
-      input.  Remote DoS opportunity.  Bugfix on 0.2.0.33.
+      input. Remote DoS opportunity. Bugfix on 0.2.0.33.
+    - Do not accept incomplete ipv4 addresses (like 192.168.0) as valid.
+      Spec conformance issue. Bugfix on Tor 0.0.2pre27.
 
   o Minor bugfixes:
     - Fix compilation on systems where time_t is a 64-bit integer.
       Patch from Matthias Drochner.
     - Don't consider expiring already-closed client connections. Fixes
       bug 893. Bugfix on 0.0.2pre20.
-    - Do not accept incomplete ipv4 addresses (like 192.168.0) as valid.
-      Spec conformance issue. Bugfix on Tor 0.0.2pre27.
 
 
 Changes in version 0.2.0.33 - 2009-01-21

Modified: tor/branches/tor-0_2_0-patches/doc/TODO.020
===================================================================
--- tor/branches/tor-0_2_0-patches/doc/TODO.020	2009-02-09 03:13:14 UTC (rev 18423)
+++ tor/branches/tor-0_2_0-patches/doc/TODO.020	2009-02-09 03:21:04 UTC (rev 18424)
@@ -3,7 +3,7 @@
 description of the patch.)
 
 Backport for 0.2.0:
-  - r17887: Don't accept 1.2.3 as a valid IP address.
+  o r17887: Don't accept 1.2.3 as a valid IP address.
 
 Backport for 0.2.0 once better tested:
   - r17208,r17209,r7211,r17212,r17214: Avoid gotterdammerung when an

Modified: tor/branches/tor-0_2_0-patches/src/or/routerparse.c
===================================================================
--- tor/branches/tor-0_2_0-patches/src/or/routerparse.c	2009-02-09 03:13:14 UTC (rev 18423)
+++ tor/branches/tor-0_2_0-patches/src/or/routerparse.c	2009-02-09 03:21:04 UTC (rev 18424)
@@ -1549,12 +1549,18 @@
 
   tok = find_first_by_keyword(tokens, K_DIR_ADDRESS);
   if (tok) {
+    struct in_addr in;
+    char *address = NULL;
     tor_assert(tok->n_args);
-    if (parse_addr_port(LOG_WARN, tok->args[0], NULL, &cert->addr,
-                        &cert->dir_port)<0) {
+    if (parse_addr_port(LOG_WARN, tok->args[0], &address, NULL,
+                        &cert->dir_port)<0 ||
+        tor_inet_aton(address, &in) == 0) {
       log_warn(LD_DIR, "Couldn't parse dir-address in certificate");
+      tor_free(address);
       goto err;
     }
+    cert->addr = ntohl(in.s_addr);
+    tor_free(address);
   }
 
   tok = find_first_by_keyword(tokens, K_DIR_KEY_PUBLISHED);

More information about the tor-commits mailing list