#16891: logging malformed hostnames in socks5 requests does not respect
SafeLogging
configuration
----------------------------+-------------------------------
Reporter: andreasstieger | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor | Version: Tor: 0.2.6.10
Keywords: | Actual Points:
Parent ID: | Points:
----------------------------+-------------------------------
When a socks5 client application sends a request with a malformed
hostname, the following is logged:
''Your application (using socks5 to port 42) gave Tor a malformed
hostname: ['''host.example.com''']. Rejecting the connection.''
It should say `[scrubbed]` as `SafeLogging` was not set to `0`.
Bug is in `src/or/buffers.c` :: `parse_socks()`, where it uses `escaped()`
on the request address rather than `escaped_safe_str_client()`.
Patch attached.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16891>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
