#22469: tor should probably reject "0x00" in port range specifications -------------------------------------------------+------------------------- Reporter: toralf | Owner: Type: defect | Status: new Priority: Medium | Milestone: Tor: | unspecified Component: Core Tor/Tor | Version: Tor: | 0.3.1.2-alpha Severity: Normal | Resolution: Keywords: tor-relay torrc configuration intro | Actual Points: ipv6 | Parent ID: #22802 | Points: Reviewer: | Sponsor: -------------------------------------------------+------------------------- Changes (by catalyst):
* cc: catalyst (added) Comment: By code inspection it looks like `0x00` as the port might get accepted by `parse_port_range()` because `tor_parse_long()` gets called with a non- null `next` to detect a hyphen delimiting the maximum of a port range, but nothing seems to produce an error if some different character follows the first port number of the "range". i.e., `0x00` gets parsed as `0` followed by `x00` as trailing garbage that gets ignored rather than producing an error. I haven't come up with a test for this yet. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22469#comment:13> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs