[tor-bugs] #22103 [Core Tor]: confparse.c checks pointer instead of value (!ok)

2017-04-29 Thread Tor Bug Tracker & Wiki 
#22103: confparse.c checks pointer instead of value (!ok)
--+-
 Reporter:  nullius   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 == Description ==

 In `src/or/confparse.c`, functions `conf_parse_msec_interval()` and
 `conf_parse_interval()` incorrectly check a pointer instead of the
 pointed-to value.  Patch attached.

 == Impact ==

 When `config_parse_units()` hits an error, these functions may return `0`
 as a valid value instead of `-1` as an error.

 == Security evaluation ==

 Far worse could be done by any attacker with sufficient access to feed
 malicious data to these functions.  Thus, I don’t see how it could be
 exploited as a practical matter.

 == `note[0]` ==

 From my `~/tor/BUGS.txt` with mtime 2014-03-19T03:07:45Z.  So sorry I did
 not report it sooner.  I could have been rich and famous!

 {{{#!comment
 #include 

 #define ME  "null...@nym.zone"
 #define PGP "0xC2E91CD74A4C57A105F6C21B5A00591B2F307E0C"

 int
 main(int argc, char *argv[])
 {

 printf("Hello, world! <%s>\nPGP: %s\n", ME, PGP);

 return (0);
 }
 }}}

 == `note[1]` ==

 Use of the variable `ok` is inconsistent in `confparse.c`.  In
 `config_assign_value()`, `ok` is an `int`.  Elsewhere, pointer to `int`.
 That’s not ok!  Also, there is a confusing `tor_assert(ok);` to check for
 non-`NULL` pointer; KNF style would prescribe the check to be explicit
 `tor_assert(ok != NULL);`, for a reason.  (The actual bug concerns a
 Boolean check, so `if (!*ok)` is stylistically sane.)  I could open a
 separate bug and/or do some minor refactoring, if committers were to
 express an interest in making `ok` more ok.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22102 [Core Tor/Tor]: Can't HUP with a relative path in Log line

2017-04-29 Thread Tor Bug Tracker & Wiki 
#22102: Can't HUP with a relative path in Log line
--+--
 Reporter:  pastly|  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.6
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Start Tor with

 {{{
 DataDirectory /home/mtraudt/src/qtime-with-load-testing/datadir-test
 Log notice file ./datadir-test/notice.log
 RunAsDaemon 1
 SocksPort 0
 }}}

 and then sending a HUP after Tor bootstraps to cause

 {{{
 Apr 29 13:58:47.000 [notice] Received reload signal (hup). Reloading
 config and resetting internal state.
 Apr 29 13:58:47.000 [notice] Read configuration file "/home/mtraudt/src
 /qtime-with-load-testing/torrc-test".
 Apr 29 13:58:47.000 [warn] SocksPort, TransPort, NATDPort, DNSPort, and
 ORPort are all undefined, and there aren't any hidden services configured.
 Tor will still run, but probably won't do anything.
 Apr 29 13:58:47.000 [warn] Couldn't open file for 'Log notice file
 ./datadir-test/notice.log': No such file or directory
 Apr 29 13:58:47.000 [warn] Failed to parse/validate config: Failed to init
 Log options. See logs for details.
 Apr 29 13:58:47.000 [err] Reading config failed--see warnings above. For
 usage, try -h.
 Apr 29 13:58:47.000 [warn] Restart failed (config error?). Exiting.
 }}}

 May be related to #22101?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22101 [Core Tor/Tor]: Can't have relative DataDirectory with CookieAuthentication enabled

2017-04-29 Thread Tor Bug Tracker & Wiki 
#22101: Can't have relative DataDirectory with CookieAuthentication enabled
--+--
 Reporter:  pastly|  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:  Tor: 0.3.0.6
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 {{{
 DataDirectory ./datadir-3hop
 Log notice file ./datadir-3hop/notice.log
 RunAsDaemon 1
 ControlPort 9980
 CookieAuthentication 1
 }}}

 leads to

 {{{
 Apr 29 12:29:03.000 [notice] Tor 0.3.0.6 (git-47d2e4f06ec26a79) opening
 new log file.
 Apr 29 12:29:02.994 [warn] OpenSSL version from headers does not match the
 version we're running with. If you get weird crashes, that might be why.
 (Compiled with 1000105f: OpenSSL 1.0.1e 11 Feb 2013; running with
 1000105f: OpenSSL 1.0.1e-fips 11 Feb 2013).
 Apr 29 12:29:03.013 [notice] Tor 0.3.0.6 (git-47d2e4f06ec26a79) running on
 Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1e-fips and Zlib 1.2.7.
 Apr 29 12:29:03.013 [notice] Tor can't help you if you use it wrong! Learn
 how to be safe at https://www.torproject.org/download/download#warning
 Apr 29 12:29:03.014 [notice] Read configuration file "/home/mtraudt/src
 /qtime-with-load-testing/torrc-3hop".
 Apr 29 12:29:03.015 [warn] Path for DataDirectory (./datadir-3hop) is
 relative and will resolve to /home/mtraudt/src/qtime-with-load-testing
 /./datadir-3hop. Is this what you wanted?
 Apr 29 12:29:03.016 [notice] Opening Socks listener on 127.0.0.1:9050
 Apr 29 12:29:03.016 [notice] Opening Control listener on 127.0.0.1:9980
 Apr 29 12:29:03.000 [warn] Couldn't open "./datadir-
 3hop/control_auth_cookie.tmp" (./datadir-3hop/control_auth_cookie) for
 writing: No such file or directory
 Apr 29 12:29:03.000 [warn] Error writing auth cookie to "./datadir-
 3hop/control_auth_cookie".
 Apr 29 12:29:03.000 [warn] Error creating control cookie authentication
 file.
 Apr 29 12:29:03.000 [err] set_options(): Bug: Acting on config options
 left us in a broken state. Dying. (on Tor 0.3.0.6 47d2e4f06ec26a79)
 }}}

 Setting DataDirectory to the absolute path in the torrc allows Tor to
 start

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #21886 [Applications/Tor Browser]: Downloading of binary files stalls at 0/0 bytes in Tor Browser based on ESR52 with e10s off (was: Downloading of binary files stalls at 0/0 bytes in T

2017-04-29 Thread Tor Bug Tracker & Wiki 
#21886: Downloading of binary files stalls at 0/0 bytes in Tor Browser based on
ESR52 with e10s off
-+-
 Reporter:  gk   |  Owner:  mcs
 Type:  defect   | Status:
 |  assigned
 Priority:  High |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  tbb-usability, tbb-7.0-must-alpha,   |  Actual Points:
  ff52-esr   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
 |  Sponsor4
-+-

Comment (by gk):

 Replying to [comment:9 mcs]:
 > Kathy and I can not reproduce this bug when Tor Browser is running in
 multiprocess mode. When multiprocess mode is enabled, we always see a tab
 crash, which is #21766. Also, if the pref
 `extensions.torbutton.launch_warning` is set to false, neither this bug
 nor #21766 occur.
 >
 > I wanted to mention our experience in case someone is seeing different
 behavior.

 No, this ticket got filed before we had e10s enabled in Tor Browser. And I
 only see it once I have e10s off.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22095 [Core Tor/Tor]: prop279 discussion

2017-04-29 Thread Tor Bug Tracker & Wiki 
#22095: prop279 discussion
---+--
 Reporter:  cypherpunks|  Owner:
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:  Tor: unspecified
Component:  Core Tor/Tor   |Version:
 Severity:  Normal | Resolution:  invalid
 Keywords:  prop279, spec  |  Actual Points:
Parent ID: | Points:
 Reviewer: |Sponsor:
---+--
Changes (by yawning):

 * status:  needs_information => closed
 * resolution:   => invalid


Comment:

 I'm just going to close this under the assumption that this person doesn't
 know about redirecting stdin/stdout post-fork()/pre-exec().

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22099 [Core Tor/Tor]: begin_cell_parse and IPv6

2017-04-29 Thread Tor Bug Tracker & Wiki 
#22099: begin_cell_parse and IPv6
--+-
 Reporter:  cypherpunks   |  Owner:
 Type:  defect| Status:  closed
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:  invalid
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+-
Changes (by cypherpunks):

 * status:  new => closed
 * resolution:   => invalid


Comment:

 wrong

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22100 [Applications/Tor Browser]: Mozilla's FPI suxx

2017-04-29 Thread Tor Bug Tracker & Wiki 
#22100: Mozilla's FPI suxx
--+-
 Reporter:  cypherpunks   |  Owner:  tbb-team
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:  tbb-linkability
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 7.0a3 with security slider on Medium
 {{{
 [04-29 09:49:32] Torbutton INFO: tor SOCKS:
 http://hpr.dogphilosophy.net/test/wav.wav via
--unknown--:f3a7ec04000aee82fa3ca27677d6309b
 }}}
 and many, many others...

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #4998 [Core Tor/Tor]: MyFamily as a list

2017-04-29 Thread Tor Bug Tracker & Wiki 
#4998: MyFamily as a list
+--
 Reporter:  weasel  |  Owner:  Jigsaw52
 Type:  defect  | Status:  assigned
 Priority:  Medium  |  Milestone:  Tor:
|  0.3.1.x-final
Component:  Core Tor/Tor|Version:  Tor:
|  0.2.3.11-alpha
 Severity:  Normal  | Resolution:
 Keywords:  tor-relay lorax easy intro  |  Actual Points:
Parent ID:  #15060  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by Jigsaw52):

 * status:  needs_review => assigned
 * owner:   => Jigsaw52


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #4998 [Core Tor/Tor]: MyFamily as a list

2017-04-29 Thread Tor Bug Tracker & Wiki 
#4998: MyFamily as a list
+--
 Reporter:  weasel  |  Owner:  Jigsaw52
 Type:  defect  | Status:  needs_review
 Priority:  Medium  |  Milestone:  Tor:
|  0.3.1.x-final
Component:  Core Tor/Tor|Version:  Tor:
|  0.2.3.11-alpha
 Severity:  Normal  | Resolution:
 Keywords:  tor-relay lorax easy intro  |  Actual Points:
Parent ID:  #15060  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by Jigsaw52):

 * status:  assigned => needs_review


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22099 [Core Tor/Tor]: begin_cell_parse and IPv6

2017-04-29 Thread Tor Bug Tracker & Wiki 
#22099: begin_cell_parse and IPv6
--+-
 Reporter:  cypherpunks   |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+-
 spec about IPV6 inside BEGIN cell -- ADDRPORT is made of ADDRESS | ':' |
 PORT | [00] where ADDRESS is IPv6 address surrounded by square brackets;
 and where PORT is a decimal integer between 1 and 65535, inclusive.

 begin_cell_parse can't parse IPV6 by tor_addr_port_split correctly. for
 example [2607:f8b0:4000:800::200e]:80 tor_addr_parse can't handle port and
 will return corrupted result in this case, addr_port_lookup can't handle
 (any bracketed) ipv6 part either. it's impossible to request IPv6
 connection without dns mafia.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22087 [Applications/Tor Browser]: emoji not display correctly

2017-04-29 Thread Tor Bug Tracker & Wiki 
#22087: emoji not display correctly
+--
 Reporter:  joel2017|  Owner:  tbb-team
 Type:  defect  | Status:  new
 Priority:  Medium  |  Milestone:
Component:  Applications/Tor Browser|Version:
 Severity:  Normal  | Resolution:
 Keywords:  ff52-esr, tbb-fingerprinting-fonts  |  Actual Points:
Parent ID:  | Points:
 Reviewer:  |Sponsor:
+--
Changes (by cypherpunks):

 * keywords:   => ff52-esr, tbb-fingerprinting-fonts


Comment:

 Replying to [comment:2 blockflare]:
 > It does work with Tor Browser 7.0a3 which you can download here:
 https://www.torproject.org/projects/torbrowser.html.en#downloads-alpha
 No, it doesn't.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs