FS#65313 - [Tor] segmentation fault when malformed request sent on DNSPort
Attached to Project:
Community Packages
Opened by Unraw (unraw) - Wednesday, 29 January 2020, 03:31 GMT
Last edited by Toolybird (Toolybird) - Thursday, 04 May 2023, 03:53 GMT
Opened by Unraw (unraw) - Wednesday, 29 January 2020, 03:31 GMT
Last edited by Toolybird (Toolybird) - Thursday, 04 May 2023, 03:53 GMT
|
Details
Description:
Tor daemon crash if it receive unexpected data on it's DNSPort. Tested packages from Archlinux and Manjaro repositories, latest tor 0.4.3.1-alpha built from sources. Tor daemon from TBB, Debian repositories and built on Debian are not affected. Additional info: * package version(s) = 0.4.2.5-1 * config and/or log files etc. crashlog: ============================================================ T= 1580267866 Tor 0.4.2.5 died: Caught signal 11 tor(+0x21c9e7)[0x55a97c4199e7] /usr/lib/libevent-2.1.so.7(+0xc0cc)[0x7f7dbcd9e0cc] /usr/lib/libevent-2.1.so.7(+0xc0cc)[0x7f7dbcd9e0cc] /usr/lib/libevent-2.1.so.7(+0x39839)[0x7f7dbcdcb839] /usr/lib/libevent-2.1.so.7(+0x21e2a)[0x7f7dbcdb3e2a] /usr/lib/libevent-2.1.so.7(event_base_loop+0x37f)[0x7f7dbcdb44cf] tor(do_main_loop+0x10c)[0x55a97c26e13c] tor(tor_run_main+0x122d)[0x55a97c25b10d] tor(tor_main+0x3b)[0x55a97c2584bb] tor(main+0x1a)[0x55a97c25805a] /usr/lib/libc.so.6(__libc_start_main+0xf3)[0x7f7dbc6a3153] tor(_start+0x2e)[0x55a97c2580be] Steps to reproduce: - add option `DNSPort 5353` to torrc and run tor. - exec `echo -n "asd" | nc -u 127.0.0.1 5353` in a shell. |
This task depends upon
Comment by Toolybird (Toolybird) -
Tuesday, 04 April 2023, 00:43 GMT
Still happening with latest pkg?