mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-20 10:12:15 +01:00
Code Issues Projects Releases Wiki Activity

fixup! Don't atoi off the end of a buffer chunk.

Browse Source 
Credit AFL in the changes file.
This commit is contained in:
Nick Mathewson 2017-02-14 16:44:58 -05:00
parent c4f2faf301
commit ff088ea7d7
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
changes/bug20894
View File

@ -3,6 +3,7 @@
do not read off the end of the buffer. This bug was a potential do not read off the end of the buffer. This bug was a potential
remote denial-of-service attack against Tor clients and relays. remote denial-of-service attack against Tor clients and relays.
A workaround was released in October 2016, which prevents this A workaround was released in October 2016, which prevents this
bug from crashing Tor. This is a fix for the underlying issue, bug from crashing Tor. This is a fix for the underlying issue,
which should no longer matter (if you applied the earlier patch). which should no longer matter (if you applied the earlier patch).
Fixes bug 20894; bugfix on 0.2.0.16-alpha. Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing
using AFL (http://lcamtuf.coredump.cx/afl/).