fixup! Don't atoi off the end of a buffer chunk.

Credit AFL in the changes file.
2024-11-10 13:13:44 +01:00 · 2017-02-14 16:44:58 -05:00 · 2017-02-14 16:44:58 -05:00 · ff088ea7d7
commit ff088ea7d7
parent c4f2faf301
1 changed files with 3 additions and 2 deletions
--- a/changes/bug20894
+++ b/changes/bug20894
@ -3,6 +3,7 @@
      do not read off the end of the buffer. This bug was a potential
      remote denial-of-service attack against Tor clients and relays.
      A workaround was released in October 2016, which prevents this
-      bug from crashing Tor.  This is a fix for the underlying issue,
+      bug from crashing Tor. This is a fix for the underlying issue,
      which should no longer matter (if you applied the earlier patch).
-      Fixes bug 20894; bugfix on 0.2.0.16-alpha.
+      Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing
+      using AFL (http://lcamtuf.coredump.cx/afl/).