backport r18420 and r18423

svn:r18424
author: Roger Dingledine <arma@torproject.org> 2009-02-09 03:21:04 +0000
committer: Roger Dingledine <arma@torproject.org> 2009-02-09 03:21:04 +0000
commit: 6c21f610c581aa34f6ce6ca95ccbf6c4dcda4283 (patch)
tree: ffe4d038d1c72324f79cede64bc5229a008d028f
parent: 4c7a8841298cc2633fefa63730f591d4ddb4e015 (diff)
download: tor-6c21f610c581aa34f6ce6ca95ccbf6c4dcda4283.tar.gz
tor-6c21f610c581aa34f6ce6ca95ccbf6c4dcda4283.zip
3 files changed, 15 insertions, 7 deletions
diff --git a/ChangeLog b/ChangeLog
index 79c0ed944b..db761a5eca 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,17 +1,19 @@
 Changes in version 0.2.0.34 - 2009-02-08
-  o Major bugfixes:
+  o Security fixes:
     - Fix an infinite-loop bug on handling corrupt votes under certain
       circumstances. Bugfix on 0.2.0.8-alpha.
+    - Fix a temporary DoS vulnerability that could be performed by
+      a directory mirror. Bugfix on 0.2.0.9-alpha; reported by lark.
     - Avoid a potential crash on exit nodes when processing malformed
-      input.  Remote DoS opportunity.  Bugfix on 0.2.0.33.
+      input. Remote DoS opportunity. Bugfix on 0.2.0.33.
+    - Do not accept incomplete ipv4 addresses (like 192.168.0) as valid.
+      Spec conformance issue. Bugfix on Tor 0.0.2pre27.
 
   o Minor bugfixes:
     - Fix compilation on systems where time_t is a 64-bit integer.
       Patch from Matthias Drochner.
     - Don't consider expiring already-closed client connections. Fixes
       bug 893. Bugfix on 0.0.2pre20.
-    - Do not accept incomplete ipv4 addresses (like 192.168.0) as valid.
-      Spec conformance issue. Bugfix on Tor 0.0.2pre27.
 
 
 Changes in version 0.2.0.33 - 2009-01-21
diff --git a/doc/TODO.020 b/doc/TODO.020
index 684b98dd6e..e8b1d4a98b 100644
--- a/doc/TODO.020
+++ b/doc/TODO.020
@@ -3,7 +3,7 @@
 description of the patch.)
 
 Backport for 0.2.0:
-  - r17887: Don't accept 1.2.3 as a valid IP address.
+  o r17887: Don't accept 1.2.3 as a valid IP address.
 
 Backport for 0.2.0 once better tested:
   - r17208,r17209,r7211,r17212,r17214: Avoid gotterdammerung when an
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 7524e7205a..87c5d4ba11 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -1549,12 +1549,18 @@ authority_cert_parse_from_string(const char *s, const char **end_of_string)
 
   tok = find_first_by_keyword(tokens, K_DIR_ADDRESS);
   if (tok) {
+    struct in_addr in;
+    char *address = NULL;
     tor_assert(tok->n_args);
-    if (parse_addr_port(LOG_WARN, tok->args[0], NULL, &cert->addr,
-                        &cert->dir_port)<0) {
+    if (parse_addr_port(LOG_WARN, tok->args[0], &address, NULL,
+                        &cert->dir_port)<0 ||
+        tor_inet_aton(address, &in) == 0) {
       log_warn(LD_DIR, "Couldn't parse dir-address in certificate");
+      tor_free(address);
       goto err;
     }
+    cert->addr = ntohl(in.s_addr);
+    tor_free(address);
   }
 
   tok = find_first_by_keyword(tokens, K_DIR_KEY_PUBLISHED);
author	Roger Dingledine <arma@torproject.org>	2009-02-09 03:21:04 +0000
committer	Roger Dingledine <arma@torproject.org>	2009-02-09 03:21:04 +0000
commit	6c21f610c581aa34f6ce6ca95ccbf6c4dcda4283 (patch)
tree	ffe4d038d1c72324f79cede64bc5229a008d028f
parent	4c7a8841298cc2633fefa63730f591d4ddb4e015 (diff)
download	tor-6c21f610c581aa34f6ce6ca95ccbf6c4dcda4283.tar.gz tor-6c21f610c581aa34f6ce6ca95ccbf6c4dcda4283.zip