Nick Mathewson
4812441d34
Never read off the end of a buffer in base32_encode()
...
When we "fixed" #18280 in 4e4a7d2b0c
in 0291 it appears that we introduced a bug: The base32_encode
function can read off the end of the input buffer, if the input
buffer size modulo 5 is not equal to 0 or 3.
This is not completely horrible, for two reasons:
* The extra bits that are read are never actually used: so this
is only a crash when asan is enabled, in the worst case. Not a
data leak.
* The input sizes passed to base32_encode are only ever multiples
of 5. They are all either DIGEST_LEN (20), REND_SERVICE_ID_LEN
(10), sizeof(rand_bytes) in addressmap.c (10), or an input in
crypto.c that is forced to a multiple of 5.
So this bug can't actually trigger in today's Tor.
Closes bug 21894; bugfix on 0.2.9.1-alpha.
2017-04-07 10:47:16 -04:00
Nick Mathewson
7d7770f735
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-04-06 08:31:54 -04:00
Nick Mathewson
91c6b18ca0
Merge branch 'maint-0.2.7-redux' into maint-0.2.8
2017-04-06 08:31:32 -04:00
Nick Mathewson
44bc8821b1
Merge branch 'maint-0.2.6' into maint-0.2.7-redux
2017-04-06 08:31:23 -04:00
Nick Mathewson
21d776738c
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-04-06 08:31:18 -04:00
Nick Mathewson
a8a860e1da
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-04-06 08:31:12 -04:00
Karsten Loesing
9d7933296c
Update geoip and geoip6 to the April 4 2017 database.
2017-04-06 10:52:39 +02:00
Nick Mathewson
d642ceb8df
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-03-08 10:12:06 -05:00
Nick Mathewson
2cfecec9c7
Merge branch 'maint-0.2.7-redux' into maint-0.2.8
2017-03-08 10:11:23 -05:00
Nick Mathewson
25c28bc2d9
Merge branch 'maint-0.2.6' into maint-0.2.7-redux
2017-03-08 10:11:05 -05:00
Nick Mathewson
ecc73c3c03
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-03-08 10:10:44 -05:00
Nick Mathewson
933a1e7997
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-03-08 10:10:29 -05:00
Karsten Loesing
4488c319dd
Update geoip and geoip6 to the March 7 2017 database.
2017-03-08 09:41:35 +01:00
Nick Mathewson
75492598b2
Bump to 0.2.9.10-dev
2017-03-01 08:18:54 -05:00
Nick Mathewson
b049a5b398
bump version to 0.2.9.10
2017-02-28 10:38:55 -05:00
Nick Mathewson
3e07a54928
Merge branch 'maint-0.2.8' into maint-0.2.9
...
This is an "ours" merge to avoid taking a version bump
2017-02-28 10:38:31 -05:00
Nick Mathewson
f93bcab60e
Merge branch 'maint-0.2.7-redux' into maint-0.2.8
...
This is an "ours" merge to avoid taking a version bump, and to
avoid replaying the post-0.2.7.6 history of "maint-0.2.7-redux" onto maint-0.2.8, which already included the relevant changes.
2017-02-28 10:37:25 -05:00
Nick Mathewson
f2a657c22b
bump version to 0.2.8.13
2017-02-28 10:34:33 -05:00
Nick Mathewson
b5526bef38
Bump version to 0.2.7.7
2017-02-28 10:27:20 -05:00
Nick Mathewson
1174b50cab
Merge branch 'maint-0.2.6' into maint-0.2.7-redux
...
"ours" merge to avoid version bumps
2017-02-28 10:26:45 -05:00
Nick Mathewson
57e778f882
bump to 0.2.6.11
2017-02-28 10:26:24 -05:00
Nick Mathewson
ccdf0b319c
Merge branch 'maint-0.2.5' into maint-0.2.6
...
"ours" merge to avoid version bumps
2017-02-28 10:25:51 -05:00
Nick Mathewson
884b3717a9
Bump version to 0.2.5.13
2017-02-28 10:23:20 -05:00
Nick Mathewson
b2b604ecb4
Merge branch 'maint-0.2.4' into maint-0.2.5
...
"ours" merge to avoid bumping version
2017-02-28 10:22:36 -05:00
Nick Mathewson
4bab288a82
Bump to 0.2.4.28
2017-02-28 10:20:46 -05:00
Nick Mathewson
aec45bc0b1
Merge branch 'maint-0.2.6' into maint-0.2.7-redux
2017-02-17 17:10:47 -05:00
Nick Mathewson
67cec7578c
Check for micro < 0, rather than checking "minor" twice.
...
Bug found with clang scan-build. Fixes bug on f63e06d3dc
.
Bug not present in any released Tor.
2017-02-17 11:31:39 -05:00
Nick Mathewson
fea93abecd
whoops; make 21450 compile
2017-02-15 08:19:37 -05:00
Nick Mathewson
cb6b3b7cad
Limit version numbers to 0...INT32_MAX.
...
Closes 21450; patch from teor.
2017-02-15 07:57:34 -05:00
Nick Mathewson
a1c3b391de
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-02-15 07:52:54 -05:00
Nick Mathewson
5222054163
Merge branch 'maint-0.2.7' into maint-0.2.8
2017-02-15 07:52:47 -05:00
Nick Mathewson
e6376a8004
Merge branch 'maint-0.2.6' into maint-0.2.7
2017-02-15 07:52:41 -05:00
Nick Mathewson
f7ed4a7d8f
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-02-15 07:52:33 -05:00
Nick Mathewson
71cd68b66b
Merge branch 'maint-0.2.8' of git-rw.torproject.org:/tor into maint-0.2.8
2017-02-15 07:51:57 -05:00
Nick Mathewson
67877f55ad
Merge branch 'maint-0.2.7' of git-rw.torproject.org:/tor into maint-0.2.7
2017-02-15 07:51:48 -05:00
Nick Mathewson
6e7ff9ee31
Merge branch 'maint-0.2.6' of git-rw.torproject.org:/tor into maint-0.2.6
2017-02-15 07:51:41 -05:00
Nick Mathewson
aeb299ba6d
Merge branch 'maint-0.2.5' of git-rw.torproject.org:/tor into maint-0.2.5
2017-02-15 07:51:33 -05:00
Nick Mathewson
5d88267bf4
Merge branch 'bug21278_extra_029' into maint-0.2.9
2017-02-15 07:48:30 -05:00
Nick Mathewson
ec6b5a098d
Merge branch 'bug21278_redux_029_squashed' into maint-0.2.9
2017-02-15 07:48:18 -05:00
Nick Mathewson
eeb743588a
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-02-15 07:48:10 -05:00
Nick Mathewson
1ebdae6171
Merge branch 'maint-0.2.7' into maint-0.2.8
2017-02-15 07:47:28 -05:00
Nick Mathewson
ed806843dc
Merge branch 'maint-0.2.6' into maint-0.2.7
2017-02-15 07:47:21 -05:00
Nick Mathewson
3781f24b80
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-02-15 07:47:12 -05:00
Nick Mathewson
a452b71395
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-02-15 07:47:04 -05:00
Roger Dingledine
3c4da8a130
give tor_version_parse_platform some function documentation
2017-02-15 07:46:34 -05:00
Nick Mathewson
02e05bd74d
When examining descriptors as a dirserver, reject ones with bad versions
...
This is an extra fix for bug 21278: it ensures that these
descriptors and platforms will never be listed in a legit consensus.
2017-02-15 07:46:34 -05:00
Nick Mathewson
f63e06d3dc
Extract the part of tor_version_as_new_as that extracts platform
...
Also add a "strict" mode to reject negative inputs.
2017-02-15 07:46:34 -05:00
Nick Mathewson
9f71fde146
changes file for removing compare-by-subtraction pattern
2017-02-14 16:32:59 -05:00
Nick Mathewson
a0ef3cf088
Prevent int underflow in dirvote.c compare_vote_rs_.
...
This should be "impossible" without making a SHA1 collision, but
let's not keep the assumption that SHA1 collisions are super-hard.
This prevents another case related to 21278. There should be no
behavioral change unless -ftrapv is on.
2017-02-14 16:31:23 -05:00
Nick Mathewson
1afc2ed956
Fix policies.c instance of the "if (r=(a-b)) return r" pattern
...
I think this one probably can't underflow, since the input ranges
are small. But let's not tempt fate.
This patch also replaces the "cmp" functions here with just "eq"
functions, since nothing actually checked for anything besides 0 and
nonzero.
Related to 21278.
2017-02-14 16:31:11 -05:00