Nick Mathewson
39ef343523
Add a one-word sentinel value of 0x0 at the end of each buf_t chunk
...
This helps protect against bugs where any part of a buf_t's memory
is passed to a function that expects a NUL-terminated input.
2016-12-20 18:20:01 -05:00
Nick Mathewson
7d3d56e59a
Merge branch 'maint-0.2.4' into maint-0.2.5
...
(ours merge -- there is a separate 0.2.5 patch for 20384.)
2016-12-20 18:19:41 -05:00
Nick Mathewson
8f857c23b7
Add a one-word sentinel value of 0x0 at the end of each buf_t chunk
...
This helps protect against bugs where any part of a buf_t's memory
is passed to a function that expects a NUL-terminated input.
2016-12-20 18:18:53 -05:00
Nick Mathewson
a9bfa997ae
Merge branch 'maint-0.2.8' into maint-0.2.9
2016-12-20 18:15:56 -05:00
Nick Mathewson
7f55aaf281
Merge branch 'maint-0.2.7' into maint-0.2.8
2016-12-20 18:15:26 -05:00
Nick Mathewson
a9c8a5ff18
Merge branch 'maint-0.2.6' into maint-0.2.7
2016-12-20 18:14:21 -05:00
Nick Mathewson
b18bde23cf
Merge branch 'maint-0.2.5' into maint-0.2.6
2016-12-20 18:11:25 -05:00
Nick Mathewson
db58d4d16f
Merge branch 'maint-0.2.4' into maint-0.2.5
2016-12-20 18:11:08 -05:00
Nick Mathewson
897d3c6d13
Bump to 0.2.9.8-dev
2016-12-19 10:13:01 -05:00
Nick Mathewson
8f043ffc64
Merge branch 'maint-0.2.8' into maint-0.2.9
...
"Ours" merge to avoid version bump.
2016-12-19 10:12:34 -05:00
Nick Mathewson
f62c74cc72
Bump to 0.2.8.12-dev
2016-12-19 10:12:11 -05:00
Nick Mathewson
24318fbda9
Bump to 0.2.9.8
2016-12-19 08:08:44 -05:00
Nick Mathewson
c9009ccf92
Merge branch 'maint-0.2.8' into maint-0.2.9
...
"ours" merge to avoid version bump.
2016-12-19 08:07:56 -05:00
Nick Mathewson
b838e1f927
Bump to 0.2.8.12
2016-12-19 08:07:30 -05:00
Nick Mathewson
de65647461
Merge branch 'maint-0.2.8' into maint-0.2.9
2016-12-19 07:58:43 -05:00
Nick Mathewson
c11de4c45f
Merge branch 'bug21018_024' into maint-0.2.8
2016-12-19 07:58:21 -05:00
Nick Mathewson
169a93fff2
Merge branch 'maint-0.2.8' into maint-0.2.9
2016-12-19 07:30:42 -05:00
Nick Mathewson
e0306320b5
Merge remote-tracking branch 'teor/new-fallbacks-028-20161219' into maint-0.2.8
2016-12-19 07:27:39 -05:00
teor
4181e812c7
Update the fallback directory mirror list in December 2016
...
Replace the 81 remaining fallbacks of the 100 originally introduced
in Tor 0.2.8.3-alpha in March 2016, with a list of 177 fallbacks
(123 new, 54 existing, 27 removed) generated in December 2016.
Resolves ticket 20170.
2016-12-19 15:44:20 +11:00
Nick Mathewson
0fb3058ece
Make log message warn about detected attempts to exploit 21018.
2016-12-18 20:17:28 -05:00
Nick Mathewson
d978216dea
Fix parsing bug with unecognized token at EOS
...
In get_token(), we could read one byte past the end of the
region. This is only a big problem in the case where the region
itself is (a) potentially hostile, and (b) not explicitly
nul-terminated.
This patch fixes the underlying bug, and also makes sure that the
one remaining case of not-NUL-terminated potentially hostile data
gets NUL-terminated.
Fix for bug 21018, TROVE-2016-12-002, and CVE-2016-1254
2016-12-18 20:17:24 -05:00
Nick Mathewson
8384f4d26f
version bump: 0.2.9.7-rc-dev
2016-12-12 08:24:37 -05:00
Nick Mathewson
ef53526b10
Spell MAC_OS_X_VERSION_10_12 correctly.
...
Fixes 20935.
2016-12-11 22:17:14 -05:00
Nick Mathewson
cf6da1e4c2
Bump version 0.2.9.7-rc
2016-12-11 21:39:50 -05:00
Nick Mathewson
87c000d19e
Merge remote-tracking branch 'dgoulet/bug20938_029_01' into maint-0.2.9
2016-12-11 20:40:01 -05:00
David Goulet
f3c040e33e
test: fix memory leak in single onion poisoning
...
Closes #20938
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-12-09 12:59:40 -05:00
Nick Mathewson
a40d212383
Downgrade a harmless bug warning to info.
...
Makes 19926 less annoying in 0.2.9. In 0.3.0, we should actually
fix this.
2016-12-09 08:43:09 -05:00
Nick Mathewson
adaf6a422a
Merge branch 'maint-0.2.8' into maint-0.2.9
2016-12-09 08:34:24 -05:00
Nick Mathewson
56a2b8dc6e
Merge branch 'maint-0.2.7' into maint-0.2.8
2016-12-09 08:34:18 -05:00
Nick Mathewson
b49369badd
Merge branch 'maint-0.2.6' into maint-0.2.7
2016-12-09 08:34:12 -05:00
Nick Mathewson
3d9f8ff6a5
Merge branch 'maint-0.2.5' into maint-0.2.6
2016-12-09 08:34:06 -05:00
Nick Mathewson
3d2d3f2b62
Merge branch 'maint-0.2.4' into maint-0.2.5
2016-12-09 08:33:57 -05:00
David Goulet
9bb3bcbc41
router: Fix memory leak in signed_descriptor_move()
...
The signed_descriptor_move() was not releasing memory inside the destination
object before overwriting it with the source object. This commit adds a reset
function that free that memory inside a signed descriptor object and zero it.
Closes #20715 .
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-12-09 08:30:46 -05:00
Karsten Loesing
9db47e7921
Update geoip and geoip6 to the December 7 2016 database.
2016-12-09 10:23:36 +01:00
Nick Mathewson
f9636ebc2f
Merge branch 'maint-0.2.8' into maint-0.2.9
...
"Ours" merge to avoid bumping version.
2016-12-08 11:03:08 -05:00
Nick Mathewson
d47c52b384
Bump to 0.2.8.11-dev
2016-12-08 11:02:49 -05:00
Nick Mathewson
9c899dad31
Merge remote-tracking branch 'origin/maint-0.2.8' into maint-0.2.8
2016-12-08 09:07:28 -05:00
Nick Mathewson
5d4ff915cb
Merge branch 'maint-0.2.8' into maint-0.2.9
2016-12-08 09:06:10 -05:00
Nick Mathewson
4732e150e8
Bump to 0.2.8.11
2016-12-08 09:04:37 -05:00
cypherpunks
9fe6ffa588
Use the correct preprocessor macro for Linux
...
Also combine all of the checks into one if-tree as only one of them
should actually succeed.
2016-12-08 07:48:19 -05:00
Nick Mathewson
d838a812bd
Merge branch 'bug19960_2' into maint-0.2.9
2016-12-08 07:48:14 -05:00
Nick Mathewson
f602172dba
Merge branch 'maint-0.2.8' into maint-0.2.9
...
(ours merge, to avoid taking 20865 fix)
2016-12-07 18:28:09 -05:00
Nick Mathewson
10baf2c684
Backport the other sierra fix in 20865.
...
They added clock_gettime(), but with tv_nsec as a long, whereas
tv_usec is a __darwin_suseconds_t (a.k.a. 'int'). Now, why would
they do that? Are they preparing for a world where there are more
than 2 billion nanoseconds per second? Are they planning for having
int be less than 32 bits again? Or are they just not paying
attention to the Darwin API?
Also, they forgot to mark clock_gettime() as Sierra-only, so even
if we fixed the issue here, we'd still be stick with portability
breakage like we were for 0.2.9.
So, just disable clock_gettime() on apple.
2016-12-07 18:24:28 -05:00
Nick Mathewson
53d4e89626
Netbsd doesn't have ipfw, only the regular pf transport stuff.
...
Attempted fix for 19960.
Also, fixes a typo.
2016-12-07 15:22:44 -05:00
Nick Mathewson
e7ade23f97
Increase verbosity on options/validate__transproxy
...
This is an attempt to figure out what's up with #19960
2016-12-07 11:24:58 -05:00
Nick Mathewson
0815f96416
Fix a BUG() warning from next_random_exponential_delay().
...
Fixes 20875; this code is as suggested by teor on the ticket. Thanks!
2016-12-07 11:13:11 -05:00
Nick Mathewson
fce425e3ff
Increase tolerances in util/monotonic_time tests
...
This is an attempt to fix #19974 .
2016-12-07 11:08:54 -05:00
Nick Mathewson
d6ca36defa
Merge branch 'bug20710_025' into maint-0.2.9
2016-12-07 10:52:12 -05:00
Nick Mathewson
045a50e45a
Forgot to add changes file for 20710.
2016-12-07 10:51:39 -05:00
Nick Mathewson
30f05167f1
Merge branch 'maint-0.2.8' into maint-0.2.9
2016-12-05 10:06:45 -05:00