Opened 21 months ago

Last modified 5 months ago

#19647 new enhancement

HS Descriptors should only contain printable ASCII

Reported by: teor Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-hs, prop224
Cc: Actual Points:
Parent ID: #24033 Points:
Reviewer: Sponsor: SponsorR-can


In #18938, we discovered some relays publishing platform lines or extrainfo documents with non-ASCII characters.

This seems to occur due to memory corruption.

So let's make sure that a non-ASCII check is done on:

  • hidden services: unencrypted or encrypted descriptor
  • HSDirs: encrypted descriptor
  • clients: unencrypted or encrypted descriptor

This might require a spec change - it's likely implicit in the spec already.

For completeness, the set of printable ASCII characters is defined in dir-spec.txt as:

    NL = The ascii LF character (hex value 0x0a).
    KeywordChar ::= 'A' ... 'Z' | 'a' ... 'z' | '0' ... '9' | '-'
    ArgumentChar ::= any printing ASCII character except NL.
    WS = (SP | TAB)+

Where I assume "printing ASCII" means "space to tilde", but we should also clarify that in the torspec.

Child Tickets

Change History (12)

comment:1 Changed 21 months ago by teor

Summary: Descriptors should only contain printable ASCIIHS Descriptors should only contain printable ASCII

comment:2 Changed 21 months ago by dgoulet

Keywords: 029-proposed added; 030-proposed removed

I'm moving this one to 029-proposed because #17238 is planned for 029 (HOPEFULLY). This is a check in the current code under development for which I think is a good idea.

Although, I would see that being implemented in routerparse.c with some flag asking for non-ASCII check and not being an HS specific thing so if #18938 gets in 029, we have this for free else we can differ it until it's supported upstream.

comment:3 Changed 19 months ago by dgoulet

Parent ID: #17238
Sponsor: SponsorR-can

Let's not block on HSDir support (#17238) for this. I see this as an improvement to the implementation not a dependency.

comment:4 Changed 18 months ago by nickm

Keywords: 029-nickm-says-no added

comment:5 Changed 16 months ago by teor

Milestone: Tor: 0.2.???Tor: 0.3.???

Milestone renamed

comment:6 Changed 15 months ago by dgoulet

Milestone: Tor: 0.3.???Tor: 0.3.1.x-final

Move the 0.3.??? prop224 tickets to the 031 milestone.

comment:7 Changed 13 months ago by nickm

Milestone: Tor: 0.3.1.x-finalTor: unspecified

Deferring this; probably doesn't actually matter too much?

comment:8 Changed 13 months ago by dgoulet

Priority: MediumVery High

Prioritize prop224 tickets for 031 milestone. They are all "Enhancement".

comment:9 Changed 13 months ago by nickm

Priority: Very HighMedium

comment:10 Changed 10 months ago by nickm

Keywords: 029-nickm-says-no removed

comment:11 Changed 9 months ago by nickm

Keywords: 029-proposed removed

comment:12 Changed 5 months ago by nickm

Parent ID: #24033
Note: See TracTickets for help on using tickets.