nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 21:23:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
mirror repository of the tor core protocol in case of issues
27,083 Commits 53 Branches 630 Tags 125 MiB
C 94.4%
Python 1.5%
C++ 1.1%
Shell 1.1%
M4 0.9%
Other 0.8%
eb96692842
Go to file
Isis Lovecruft eb96692842 protover: TROVE-2018-005 Fix potential DoS in protover protocol parsing. 
In protover.c, the `expand_protocol_list()` function expands a `smartlist_t` of
`proto_entry_t`s to their protocol name concatenated with each version number.
For example, given a `proto_entry_t` like so:

    proto_entry_t *proto = tor_malloc(sizeof(proto_entry_t));
    proto_range_t *range = tor_malloc_zero(sizeof(proto_range_t));

    proto->name = tor_strdup("DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa");
    proto->ranges = smartlist_new();

    range->low = 1;
    range->high = 65536;

    smartlist_add(proto->ranges, range);

(Where `[19KB]` is roughly 19KB of `"a"` bytes.)  This would expand in
`expand_protocol_list()` to a `smartlist_t` containing 65536 copies of the
string, e.g.:

    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=1"
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=2"
    […]
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=65535"

Thus constituting a potential resource exhaustion attack.

The Rust implementation is not subject to this attack, because it instead
expands the above string into a `HashMap<String, HashSet<u32>` prior to #24031,
and a `HashMap<UnvalidatedProtocol, ProtoSet>` after).  Neither Rust version is
subject to this attack, because it only stores the `String` once per protocol.
(Although a related, but apparently of too minor impact to be usable, DoS bug
has been fixed in #24031. [0])

[0]: https://bugs.torproject.org/24031

 * ADDS hard limit on protocol name lengths in protover.c and checks in
   parse_single_entry() and expand_protocol_list().
 * ADDS tests to ensure the bug is caught.
 * FIXES #25517: https://bugs.torproject.org/25517
2018-05-22 12:12:01 -04:00
changes Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-16 12:11:45 -04:00
contrib bump version to 0.3.2.10-dev 2018-03-03 11:33:27 -05:00
doc PerConnBW{Rate,Burst} docs: do not say consensus param is always set 2018-04-05 12:08:35 -04:00
m4 Replace obsolete macros with modern equivalents 2016-12-23 10:34:11 -05:00
scripts lintchanges: Allow 'fixes bugs a, b, and c' 2017-11-05 14:41:39 -05:00
src protover: TROVE-2018-005 Fix potential DoS in protover protocol parsing. 2018-05-22 12:12:01 -04:00
.gitignore vim sometimes makes swo tempfiles 2017-12-13 12:07:45 -05:00
.gitlab-ci.yml Match .travis.yml more closely 2017-10-05 22:42:00 -05:00
.gitmodules Update the .gitmodules to refer to project-level tor-rust-dependencies 2018-02-21 11:53:04 -05:00
.travis.yml Merge branch 'bug25936-029' into bug25936-031 2018-04-26 15:46:57 -05:00
acinclude.m4 Run the copyright update script. 2017-03-15 16:13:17 -04:00
autogen.sh Report errors when updating configuration files 2016-12-23 10:35:26 -05:00
ChangeLog Fix a couple typos in the ChangeLog entries for 0.3.2.2-alpha. 2017-10-02 19:38:49 +00:00
configure.ac Add a missing prototype to our libevent configure stanza. 2018-03-13 13:37:26 +01:00
Doxyfile.in doxygen says these options are obsolete 2016-10-24 10:31:05 -04:00
INSTALL Small fixes for the 2702 implementation 2011-04-02 12:15:08 +02:00
LICENSE Run the copyright update script. 2017-03-15 16:13:17 -04:00
Makefile.am Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-03 13:38:54 -04:00
Makefile.nmake Clean up the MVSC nmake files so they work again. 2014-09-09 10:27:05 -04:00
README doc: Put the release timeline link in README 2017-11-08 10:44:00 -05:00
ReleaseNotes forward-port changelogs and release notes for 0.2.8.15, 0.2.9.12, 0.3.0.11, 0.3.1.7 2017-09-18 10:11:15 -04:00

README 

Tor protects your privacy on the internet by hiding the connection
between your Internet address and the services you use. We believe Tor
is reasonably secure, but please ensure you read the instructions and
configure it properly.

To build Tor from source:
        ./configure && make && make install

To build Tor from a just-cloned git repository:
        sh autogen.sh && ./configure && make && make install

Home page:
        https://www.torproject.org/

Download new versions:
        https://www.torproject.org/download/download.html

Documentation, including links to installation and setup instructions:
        https://www.torproject.org/docs/documentation.html

Making applications work with Tor:
        https://wiki.torproject.org/projects/tor/wiki/doc/TorifyHOWTO

Frequently Asked Questions:
        https://www.torproject.org/docs/faq.html


To get started working on Tor development:
        See the doc/HACKING directory.

Release timeline:
         https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTorReleases