Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
Trac
Trac
  • Project overview
    • Project overview
    • Details
    • Activity
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Operations
    • Operations
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Create a new issue
  • Issue Boards

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • Legacy
  • TracTrac
  • Issues
  • #15497

Closed (moved)
Open
Opened Mar 28, 2015 by Yawning Angel@yawning

torsock's getpeername() implementation is broken.

This is incredibly wrong and breaks well written applications:

      /*
       * Extra check for addrlen since we are about to copy the connection
       * content into the given address.
       */
      if (*addrlen > sizeof(struct sockaddr)) {
              /* Ref to the manpage for the returned value here. */
              errno = EINVAL;
              ret = -1;
              goto end;
      }

http://pubs.opengroup.org/onlinepubs/9699919799/functions/getpeername.html

The address_len argument points to a socklen_t object which on input specifies the length of the supplied sockaddr structure, and on output specifies the length of the stored address. If the actual length of the address is greater than the length of the supplied sockaddr structure, the stored address shall be truncated.

This does not mean "reject address_len that's larger than sizeof(struct sockaddr)", and it is common to pass in a sockaddr_in6 or sockaddr_storage both which are larger than sockaddr.

To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: legacy/trac#15497