mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 04:13:28 +01:00
mirror repository of the tor core protocol in case of issues
053e11f397
The length of auth_data from an INTRODUCE2 cell is checked when the auth_type is recognized (1 or 2), but not for any other non-zero auth_type. Later, auth_data is assumed to have at least REND_DESC_COOKIE_LEN bytes, leading to a client-triggered out of bounds read. Fixed by checking auth_len before comparing the descriptor cookie against known clients. Fixes #15823; bugfix on 0.2.1.6-alpha. |
||
---|---|---|
changes | ||
contrib | ||
doc | ||
m4 | ||
src | ||
.gitignore | ||
acinclude.m4 | ||
autogen.sh | ||
ChangeLog | ||
configure.ac | ||
Doxyfile.in | ||
INSTALL | ||
LICENSE | ||
Makefile.am | ||
Makefile.nmake | ||
README | ||
ReleaseNotes |
Tor protects your privacy on the internet by hiding the connection between your Internet address and the services you use. We believe Tor is reasonably secure, but please ensure you read the instructions and configure it properly. To build Tor from source: ./configure && make && make install Home page: https://www.torproject.org/ Download new versions: https://www.torproject.org/download.html Documentation, including links to installation and setup instructions: https://www.torproject.org/documentation.html Making applications work with Tor: https://wiki.torproject.org/noreply/TheOnionRouter/TorifyHOWTO Frequently Asked Questions: https://www.torproject.org/faq.html https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ