diff options
| author | rl1987 <rl1987@sdf.lonestar.org> | 2018-06-26 14:30:02 +0300 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2018-07-09 09:37:09 -0400 |
| commit | 46998fc8fd008f780f9d0ce827b89afab3cb0210 (patch) | |
| tree | 1ea6f167717d3961e67664e440a28bb14c28bd84 /src | |
| parent | b556894ef2fc41947bcae998c8caa51e256f2a6e (diff) | |
| download | tor-46998fc8fd008f780f9d0ce827b89afab3cb0210.tar.gz tor-46998fc8fd008f780f9d0ce827b89afab3cb0210.zip | |
Validate that DirAuthority address is IPv4
Diffstat (limited to 'src')
| -rw-r--r-- | src/or/config.c | 17 | ||||
| -rw-r--r-- | src/test/test_config.c | 35 |
2 files changed, 52 insertions, 0 deletions
diff --git a/src/or/config.c b/src/or/config.c index 6bdb4ab7dc..088243e34f 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -6417,6 +6417,23 @@ parse_dir_authority_line(const char *line, dirinfo_type_t required_type, } addrport = smartlist_get(items, 0); smartlist_del_keeporder(items, 0); + + const char *addrport_sep = strchr(addrport, ':'); + if (!addrport_sep) { + log_warn(LD_CONFIG, "Error parsing DirAuthority address '%s' " + "(':' not found)", addrport); + goto err; + } + + address = tor_strndup(addrport, addrport_sep - addrport); + if (!string_is_valid_ipv4_address(address)) { + log_warn(LD_CONFIG, "Error parsing DirAuthority address '%s' " + "(invalid IPv4 address)", address); + goto err; + } + + tor_free(address); + if (addr_port_lookup(LOG_WARN, addrport, &address, NULL, &dir_port)<0) { log_warn(LD_CONFIG, "Error parsing DirAuthority address '%s'", addrport); goto err; diff --git a/src/test/test_config.c b/src/test/test_config.c index 177368c655..fd504dd3d4 100644 --- a/src/test/test_config.c +++ b/src/test/test_config.c @@ -1623,6 +1623,40 @@ test_config_parsing_trusted_dir_server(void *arg) #undef TEST_DIR_AUTH_LINE_END #undef TEST_DIR_AUTH_IPV6_FLAG +#define TEST_DIR_AUTH_LINE_START \ + "foobar orport=12345 " \ + "v3ident=14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4 " +#define TEST_DIR_AUTH_LINE_END_BAD_IP \ + "0.256.3.4:54321 " \ + "FDB2 FBD2 AAA5 25FA 2999 E617 5091 5A32 C777 3B17" +#define TEST_DIR_AUTH_LINE_END_WITH_DNS_ADDR \ + "torproject.org:54321 " \ + "FDB2 FBD2 AAA5 25FA 2999 E617 5091 5A32 C777 3B17" + +static void +test_config_parsing_invalid_dir_address(void *arg) +{ + (void)arg; + int rv; + + rv = parse_dir_authority_line(TEST_DIR_AUTH_LINE_START + TEST_DIR_AUTH_LINE_END_BAD_IP, + V3_DIRINFO, 1); + tt_int_op(rv, OP_EQ, -1); + + rv = parse_dir_authority_line(TEST_DIR_AUTH_LINE_START + TEST_DIR_AUTH_LINE_END_WITH_DNS_ADDR, + V3_DIRINFO, 1); + tt_int_op(rv, OP_EQ, -1); + + done: + return; +} + +#undef TEST_DIR_AUTH_LINE_START +#undef TEST_DIR_AUTH_LINE_END_BAD_IP +#undef TEST_DIR_AUTH_LINE_END_WITH_DNS_ADDR + /* No secrets here: * id is `echo "syn-propanethial-S-oxide" | shasum | cut -d" " -f1` */ @@ -5687,6 +5721,7 @@ struct testcase_t config_tests[] = { CONFIG_TEST(adding_trusted_dir_server, TT_FORK), CONFIG_TEST(adding_fallback_dir_server, TT_FORK), CONFIG_TEST(parsing_trusted_dir_server, 0), + CONFIG_TEST(parsing_invalid_dir_address, 0), CONFIG_TEST(parsing_fallback_dir_server, 0), CONFIG_TEST(adding_default_trusted_dir_servers, TT_FORK), CONFIG_TEST(adding_dir_servers, TT_FORK), |