Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

resume being printist: if the hostname contains non-printable
characters, then fail. this time don't even bother telling the
server operator about these cases, because what's he going to do?

if it turns out that some significant population somewhere in the
world uses non-printable hostnames and wants to use tor, then i
hereby assume that they will contact us.


svn:r6171

Roger Dingledine 18 years ago
parent
0e62befab8
commit
9a5df4cef5
2 changed files with 21 additions and 1 deletions
Split View Show Diff Stats
  1. 14 1
      src/or/buffers.c
  2. 7 0
      src/or/connection_edge.c

+ 14 - 1
src/or/buffers.c
View File 

@@ -1003,7 +1003,13 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
 
           req->address[len] = 0;
 
           req->port = ntohs(get_uint16(buf->cur+5+len));
 
           buf_remove_from_front(buf, 5+len+2);
 
-
 
+          if (!tor_strisprint(req->address) || strchr(req->address,'\"')) {
 
+            log_warn(LD_PROTOCOL,
 
+                     "Your application (using socks5 on port %d) gave Tor "
 
+                     "a malformed hostname: %s. Rejecting the connection.",
 
+                     req->port, escaped(req->address));
 
+            return -1;
 
+          }
 
           if (log_sockstype)
 
             log_notice(LD_APP,
 
                   "Your application (using socks5 on port %d) gave "
 
@@ -1098,6 +1104,13 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype)
 
       log_debug(LD_APP,"socks4: Everything is here. Success.");
 
       strlcpy(req->address, startaddr ? startaddr : tmpbuf,
 
               sizeof(req->address));
 
+      if (!tor_strisprint(req->address) || strchr(req->address,'\"')) {
 
+        log_warn(LD_PROTOCOL,
 
+                 "Your application (using socks4 on port %d) gave Tor "
 
+                 "a malformed hostname: %s. Rejecting the connection.",
 
+                 req->port, escaped(req->address));
 
+        return -1;
 
+      }
 
       /* next points to the final \0 on inbuf */
 
       buf_remove_from_front(buf, next-buf->cur+1);
 
       return 1;

+ 7 - 0
src/or/connection_edge.c
View File 

@@ -1533,6 +1533,13 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
 
     tor_free(address);
 
     return 0;
 
   }
 
+  if (!tor_strisprint(address)) {
 
+    log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
 
+           "Non-printing characters in address %s in relay "
 
+           "begin cell. Dropping.", escaped(address));
 
+    tor_free(address);
 
+    return 0;
 
+  }
 
 
   log_debug(LD_EXIT,"Creating new exit connection.");
 
   n_stream = connection_new(CONN_TYPE_EXIT);