diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/or/directory.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/or/directory.c b/src/or/directory.c index 1b5468bd93..e181fa8fbd 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -708,8 +708,14 @@ http_set_address_origin(const char *headers, connection_t *conn) if (!fwd) fwd = http_get_header(headers, "X-Forwarded-For: "); if (fwd) { + struct in_addr in; + if (!tor_inet_aton(fwd, &in) || is_internal_IP(ntohl(in.s_addr), 0)) { + log_debug(LD_DIR, "Ignoring unrecognized or internal IP '%s'", fwd); + tor_free(fwd); + return; + } tor_free(conn->address); - conn->address = tor_strdup(escaped(fwd)); + conn->address = tor_strdup(fwd); tor_free(fwd); } } |