nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 21:23:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'maint-0.4.5'

Browse Source
This commit is contained in:
Nick Mathewson 2021-03-15 08:54:00 -04:00
commit cfeb063f24
2 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
changes/ticket40286_minimal
View File

@ -1,5 +1,6 @@
o Major bugfixes (denial of service): o Major bugfixes (security, denial of service):
- Disable the dump_desc() function that we used to dump unparseable - Disable the dump_desc() function that we used to dump unparseable
information to disk. It was called incorrectly in several places, information to disk. It was called incorrectly in several places,
in a way that could lead to excessive CPU usage. in a way that could lead to excessive CPU usage. Fixes bug 40286;
Fixes bug 40286; bugfix on 0.2.2.1-alpha. bugfix on 0.2.2.1-alpha. This bug is also tracked as
TROVE-2021-001 and CVE-2021-28089.

7
src/feature/dirparse/unparseable.c
View File

@ -498,8 +498,11 @@ dump_desc,(const char *desc, const char *type))
tor_assert(desc); tor_assert(desc);
tor_assert(type); tor_assert(type);
#ifndef TOR_UNIT_TESTS #ifndef TOR_UNIT_TESTS
/* On older versions of Tor we are disabling this function, since it /* For now, we are disabling this function, since it can be called with
* can be called with strings that are far too long. */ * strings that are far too long. We can turn it back on if we fix it
* someday, but we'd need to give it a length argument. A likelier
* resolution here is simply to remove this module entirely. See tor#40286
* for background. */
if (1) if (1)
return; return;
#endif #endif