Opened 9 months ago

Closed 9 months ago

#30434 closed defect (fixed)

Log sanitization scrubs HH:MM:SS timestamps as if they were IPv6 addresses

Reported by: dcf Owned by:
Priority: Medium Milestone:
Component: Circumvention/Snowflake Version:
Severity: Minor Keywords:
Cc: dcf, arlolra, cohosh, phw Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Running client with tor -f torrc, I see lines like:

2019/05/08 [scrubbed] OnDataChannel
2019/05/08 [scrubbed] OnOpen channel

I haven't checked, but I presume the HH:MM:SS is being matched by the pattern for IPv6 addresses.

Child Tickets

Change History (4)

comment:1 Changed 9 months ago by cohosh

Here's a suggested fix:

I went off of RFC4291. There's no MUST in there, but a "::" indicates a compressed IPv6 address, so I added the restriction that if there are more than 2 fields compressed it needs "::" somewhere in the address.

I also added some additional test cases for the timestamps and more compressed addresses to make sure we don't miss anything.

comment:2 Changed 9 months ago by cohosh

Status: newneeds_review

comment:3 Changed 9 months ago by dcf

Status: needs_reviewmerge_ready

Looks good to me.

comment:4 Changed 9 months ago by cohosh

Resolution: fixed
Status: merge_readyclosed

This has been merged and deployed for the server, fallback proxy-go instances, and the broker.

Note: See TracTickets for help on using tickets.