Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3

This commit is contained in:
Nick Mathewson 2012-08-03 11:18:40 -04:00
commit 1040afb242
2 changed files with 6 additions and 1 deletions

5
changes/bug6530 Normal file
View File

@ -0,0 +1,5 @@
o Major security fixes:
- Avoid a read of uninitializd RAM when reading a vote or consensus
document with an unrecognized flavor name. This could lead to a
remote crash bug. Fixes bug 6530; bugfix on 0.2.2.6-alpha.

View File

@ -2853,7 +2853,7 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out,
int flavor = networkstatus_parse_flavor_name(tok->args[1]); int flavor = networkstatus_parse_flavor_name(tok->args[1]);
if (flavor < 0) { if (flavor < 0) {
log_warn(LD_DIR, "Can't parse document with unknown flavor %s", log_warn(LD_DIR, "Can't parse document with unknown flavor %s",
escaped(tok->args[2])); escaped(tok->args[1]));
goto err; goto err;
} }
ns->flavor = flav = flavor; ns->flavor = flav = flavor;