Skip to content

GitLab

Trac
Trac

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Closed (moved)
Opened by Yawning Angel@yawning

torsock's getpeername() implementation is broken.

This is incredibly wrong and breaks well written applications:

      /*
       * Extra check for addrlen since we are about to copy the connection
       * content into the given address.
       */
      if (*addrlen > sizeof(struct sockaddr)) {
              /* Ref to the manpage for the returned value here. */
              errno = EINVAL;
              ret = -1;
              goto end;
      }

http://pubs.opengroup.org/onlinepubs/9699919799/functions/getpeername.html

The address_len argument points to a socklen_t object which on input specifies the length of the supplied sockaddr structure, and on output specifies the length of the stored address. If the actual length of the address is greater than the length of the supplied sockaddr structure, the stored address shall be truncated.

This does not mean "reject address_len that's larger than sizeof(struct sockaddr)", and it is common to pass in a sockaddr_in6 or sockaddr_storage both which are larger than sockaddr.

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information