From 5d50bc3e1d4bf7312b39d5366cb1d374345f7bd0 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Mon, 9 Mar 2009 00:53:42 +0000 Subject: We were already rejecting relay begin cells with destination port of 0. Now also reject extend cells with destination port or address of 0. Suggested by lark. svn:r18812 --- src/or/circuitbuild.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 42da9e6fe..1cda8e870 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -762,7 +762,13 @@ circuit_extend(cell_t *cell, circuit_t *circ) id_digest = cell->payload+RELAY_HEADER_SIZE+4+2+ONIONSKIN_CHALLENGE_LEN; tor_addr_from_ipv4h(&n_addr, n_addr32); - /* First, check if they asked us for 0000..0000. We support using + if (!n_port || !n_addr32) { + log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, + "Client asked me to extend to zero destination port or addr."); + return -1; + } + + /* Check if they asked us for 0000..0000. We support using * an empty fingerprint for the first hop (e.g. for a bridge relay), * but we don't want to let people send us extend cells for empty * fingerprints -- a) because it opens the user up to a mitm attack, -- cgit v1.2.3