diff options
| author | Nick Mathewson <nickm@torproject.org> | 2006-03-05 09:50:26 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2006-03-05 09:50:26 +0000 |
| commit | 5777ee0e1a8bf0652aff75bb2c316c5bbbb4b854 (patch) | |
| tree | e410cb36f9345a0aa46b735ca2128da55a68c152 /src/or/buffers.c | |
| parent | 6a4e304d9e613b613e208bb0f11ec44c3fc30150 (diff) | |
| download | tor-5777ee0e1a8bf0652aff75bb2c316c5bbbb4b854.tar.gz tor-5777ee0e1a8bf0652aff75bb2c316c5bbbb4b854.zip | |
Add some functions to escape values from the network before sending them to the log. Use them everywhere except for routerinfo->plaftorm, routerinfo->contact_info, and rend*.c. (need sleep now)
svn:r6087
Diffstat (limited to 'src/or/buffers.c')
| -rw-r--r-- | src/or/buffers.c | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/src/or/buffers.c b/src/or/buffers.c index 71a0185957..0e1f38fb9d 100644 --- a/src/or/buffers.c +++ b/src/or/buffers.c @@ -1004,6 +1004,14 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype) req->address[len] = 0; req->port = ntohs(get_uint16(buf->cur+5+len)); buf_remove_from_front(buf, 5+len+2); + if (!tor_strisprint(req->address) || strchr(req->address,'\"')) { + log_warn(LD_PROTOCOL, + "Your application (using socks5 on port %d) gave Tor " + "a malformed hostname: %s. Rejecting the connection.", + req->port, escaped(req->address)); + return -1; + } + if (log_sockstype) log_notice(LD_APP, "Your application (using socks5 on port %d) gave " @@ -1049,7 +1057,7 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype) return -1; } log_debug(LD_APP, - "socks4: successfully read destip (%s)",safe_str(tmpbuf)); + "socks4: successfully read destip (%s)", safe_str(tmpbuf)); socks4_prot = socks4; } @@ -1088,6 +1096,7 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype) return -1; } tor_assert(next < buf->cur+buf->datalen); + if (log_sockstype) log_notice(LD_APP, "Your application (using socks4a on port %d) gave " @@ -1097,6 +1106,13 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req, int log_sockstype) log_debug(LD_APP,"socks4: Everything is here. Success."); strlcpy(req->address, startaddr ? startaddr : tmpbuf, sizeof(req->address)); + if (!tor_strisprint(req->address) || strchr(req->address,'\"')) { + log_warn(LD_PROTOCOL, + "Your application (using socks4 on port %d) gave Tor " + "a malformed hostname: %s. Rejecting the connection.", + req->port, escaped(req->address)); + return -1; + } /* next points to the final \0 on inbuf */ buf_remove_from_front(buf, next-buf->cur+1); return 1; |