Nick Mathewson
115cefdeee
Merge branch 'maint-0.2.6' into maint-0.2.7
2017-02-07 08:55:07 -05:00
Nick Mathewson
e6965f78b8
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-02-07 08:54:54 -05:00
Nick Mathewson
6b37512dc7
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-07 08:54:47 -05:00
Nick Mathewson
d6eae78e29
Merge remote-tracking branch 'public/bug19152_024_v2' into maint-0.2.4
2017-02-07 08:47:11 -05:00
Nick Mathewson
eb72365554
Merge branch 'maint-0.2.6' into maint-0.2.7
2017-02-07 08:39:25 -05:00
Nick Mathewson
8936c50d83
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-02-07 08:39:07 -05:00
Nick Mathewson
05ec055c41
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-07 08:38:59 -05:00
Nick Mathewson
51675f97d3
Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.4
2017-02-07 08:37:07 -05:00
Nick Mathewson
da0d5ad983
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-02-07 08:34:37 -05:00
Nick Mathewson
332543baed
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-07 08:34:08 -05:00
Nick Mathewson
6cb8c0fd4e
Refine the memwipe() arguments check for 18089 a little more.
...
We still silently ignore
memwipe(NULL, ch, 0);
and
memwipe(ptr, ch, 0); /* for ptr != NULL */
But we now assert on:
memwipe(NULL, ch, 30);
2017-02-07 08:33:51 -05:00
teor (Tim Wilson-Brown)
fb7d1f41b4
Make memwipe() do nothing when passed a NULL pointer or zero size
...
Check size argument to memwipe() for underflow.
Closes bug #18089 . Reported by "gk", patch by "teor".
Bugfix on 0.2.3.25 and 0.2.4.6-alpha (#7352 ),
commit 49dd5ef3
on 7 Nov 2012.
2017-02-07 08:33:39 -05:00
Nick Mathewson
640b402232
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-07 08:32:10 -05:00
John Brooks
053e11f397
Fix out-of-bounds read in INTRODUCE2 client auth
...
The length of auth_data from an INTRODUCE2 cell is checked when the
auth_type is recognized (1 or 2), but not for any other non-zero
auth_type. Later, auth_data is assumed to have at least
REND_DESC_COOKIE_LEN bytes, leading to a client-triggered out of bounds
read.
Fixed by checking auth_len before comparing the descriptor cookie
against known clients.
Fixes #15823 ; bugfix on 0.2.1.6-alpha.
2017-02-07 08:31:37 -05:00
Nick Mathewson
8c91cbb6ca
Merge branch 'maint-0.2.6' into maint-0.2.7
2017-01-11 09:12:51 -05:00
Nick Mathewson
54771bcaba
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-01-11 09:12:21 -05:00
Nick Mathewson
34fdd510ef
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-01-11 09:11:58 -05:00
Karsten Loesing
3833f67dd2
Update geoip and geoip6 to the January 4 2017 database.
2017-01-04 10:19:52 +01:00
Nick Mathewson
2673b4b7a8
Merge branch 'maint-0.2.6' into maint-0.2.7
2016-12-20 18:23:19 -05:00
Nick Mathewson
b6227edae1
Add a one-word sentinel value of 0x0 at the end of each buf_t chunk
...
This helps protect against bugs where any part of a buf_t's memory
is passed to a function that expects a NUL-terminated input.
It also closes TROVE-2016-10-001 (aka bug 20384).
2016-12-20 18:22:53 -05:00
Nick Mathewson
746c51b613
Merge branch 'maint-0.2.5' into maint-0.2.6
...
("ours" merge because there is a separate 20384 patch for 026)
2016-12-20 18:22:27 -05:00
Nick Mathewson
39ef343523
Add a one-word sentinel value of 0x0 at the end of each buf_t chunk
...
This helps protect against bugs where any part of a buf_t's memory
is passed to a function that expects a NUL-terminated input.
2016-12-20 18:20:01 -05:00
Nick Mathewson
7d3d56e59a
Merge branch 'maint-0.2.4' into maint-0.2.5
...
(ours merge -- there is a separate 0.2.5 patch for 20384.)
2016-12-20 18:19:41 -05:00
Nick Mathewson
8f857c23b7
Add a one-word sentinel value of 0x0 at the end of each buf_t chunk
...
This helps protect against bugs where any part of a buf_t's memory
is passed to a function that expects a NUL-terminated input.
2016-12-20 18:18:53 -05:00
Nick Mathewson
a9c8a5ff18
Merge branch 'maint-0.2.6' into maint-0.2.7
2016-12-20 18:14:21 -05:00
Nick Mathewson
b18bde23cf
Merge branch 'maint-0.2.5' into maint-0.2.6
2016-12-20 18:11:25 -05:00
Nick Mathewson
db58d4d16f
Merge branch 'maint-0.2.4' into maint-0.2.5
2016-12-20 18:11:08 -05:00
Nick Mathewson
0fb3058ece
Make log message warn about detected attempts to exploit 21018.
2016-12-18 20:17:28 -05:00
Nick Mathewson
d978216dea
Fix parsing bug with unecognized token at EOS
...
In get_token(), we could read one byte past the end of the
region. This is only a big problem in the case where the region
itself is (a) potentially hostile, and (b) not explicitly
nul-terminated.
This patch fixes the underlying bug, and also makes sure that the
one remaining case of not-NUL-terminated potentially hostile data
gets NUL-terminated.
Fix for bug 21018, TROVE-2016-12-002, and CVE-2016-1254
2016-12-18 20:17:24 -05:00
Nick Mathewson
b49369badd
Merge branch 'maint-0.2.6' into maint-0.2.7
2016-12-09 08:34:12 -05:00
Nick Mathewson
3d9f8ff6a5
Merge branch 'maint-0.2.5' into maint-0.2.6
2016-12-09 08:34:06 -05:00
Nick Mathewson
3d2d3f2b62
Merge branch 'maint-0.2.4' into maint-0.2.5
2016-12-09 08:33:57 -05:00
Karsten Loesing
9db47e7921
Update geoip and geoip6 to the December 7 2016 database.
2016-12-09 10:23:36 +01:00
Nick Mathewson
f5fdf188b9
Merge branch 'maint-0.2.6' into maint-0.2.7
2016-11-07 09:30:42 -05:00
Nick Mathewson
6c2174d44d
Merge branch 'maint-0.2.5' into maint-0.2.6
2016-11-07 09:30:16 -05:00
Nick Mathewson
db2571be61
Merge branch 'maint-0.2.4' into maint-0.2.5
2016-11-07 09:29:54 -05:00
Karsten Loesing
ea597832e2
Update geoip and geoip6 to the November 3 2016 database.
2016-11-07 15:05:19 +01:00
Nick Mathewson
ec718aa839
Merge branch 'maint-0.2.6' into maint-0.2.7
2016-10-06 09:59:18 -04:00
Nick Mathewson
12a7298376
Merge branch 'maint-0.2.5' into maint-0.2.6
2016-10-06 09:59:03 -04:00
Nick Mathewson
304d8f3bbb
Merge branch 'maint-0.2.4' into maint-0.2.5
2016-10-06 09:58:54 -04:00
Karsten Loesing
1b4984f196
Update geoip and geoip6 to the October 6 2016 database.
2016-10-05 16:35:14 +02:00
Nick Mathewson
11edbf4808
Merge branch 'maint-0.2.6' into maint-0.2.7
2016-09-07 13:54:03 -04:00
Nick Mathewson
52a99cb6c1
Merge branch 'maint-0.2.5' into maint-0.2.6
2016-09-07 13:53:53 -04:00
Nick Mathewson
e4d82da05b
Merge branch 'maint-0.2.4' into maint-0.2.5
2016-09-07 13:53:43 -04:00
Karsten Loesing
56f95ba94d
Update geoip and geoip6 to the September 6 2016 database.
2016-09-07 11:08:04 +02:00
Nick Mathewson
f60da19211
Changes file for bifroest
2016-08-24 10:02:42 -04:00
Isis Lovecruft
41ab23bed5
Replace Tonga with Bifroest.
...
* FIXES #19728 : https://bugs.torproject.org/19728
* CLOSES #19690 : https://bugs.torproject.org/19690
2016-08-24 10:01:23 -04:00
Nick Mathewson
db372addc8
Merge branch 'maint-0.2.6' into maint-0.2.7
2016-08-12 10:27:08 -04:00
Nick Mathewson
742ff2cddb
Merge branch 'maint-0.2.5' into maint-0.2.6
2016-08-12 10:27:01 -04:00
Nick Mathewson
46754d6081
Merge branch 'maint-0.2.4' into maint-0.2.5
2016-08-12 10:26:48 -04:00