#27316: protover.c accepts arbitrary bytes in protocol names -------------------------+------------------------------------------------- Reporter: | Owner: (none) cyberpunks | Type: defect | Status: new Priority: Medium | Milestone: Component: Core | Version: Tor: 0.2.9.4-alpha Tor/Tor | Keywords: protover, 029-backport, Severity: Normal | 032-backport, 033-backport, 034-backport, | unicode Actual Points: | Parent ID: Points: | Reviewer: Sponsor: | -------------------------+------------------------------------------------- [https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt dir-spec.txt] defines a protocol name as a Keyword, and strictly limits what character set is allowed in a Keyword: {{{ Keyword = KeywordChar+ KeywordChar ::= 'A' ... 'Z' | 'a' ... 'z' | '0' ... '9' | '-' }}}
But `"Foo_Bar=1"`, `",,,=1"`, and arbitrary Unicode strings like `"Risqu\u00e9=1"` are accepted. Bytes that aren't even valid Unicode like `"\xc1=1"` are also fine, as long as no bytes are the null byte, `=`, or the space character. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27316> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs