[patch] tor 0.2.6 sometimes fails to escape logged directory requests
tor 0.2.6 (git Jul - Sep 2014) sometimes writes (parts of) directory requests directly to the log without escaping them. This can lead to arbitrary characters being written to the log.
The attached test case should be run using: cat tor_log_bell.http | nc -c tor-directory-ip tor-directory-port A url-encoded version of the file is supplied in case the random garbage turns into sensible garbage in transit.
Running this test case on a tor directory logging "[debug] {DIRSERV}" would normally write a URL that ends in random garbage (including the BEL character) to the log. The bell makes the failure of the test easy to identify when reading the log from a terminal with an audible or visual bell.
After applying this patch, tor writes:
(time and date) [debug] {DIRSERV} int directory_handle_command_get(dir_connection_t *, const char *, const char *, size_t)(): rewritten url as '"/tor/server/fp/\014\303\266\302\220\302\2379L(\303\274\302\266"\303\200\303\220\302\210&\303\226\302\261\034\007\006\302\217\303\264\302\234\302\257\302\267\302\245\303\273\302\257\302\265o\030\302\210d7A\302\233<\302\263\302\2148H"'.
(No bell sound occurs.)