mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-11 05:33:47 +01:00
115782bdbe
Our public key functions assumed that they were always writing into a large enough buffer. In one case, they weren't. (Incorporates fixes from sebastian)
10 lines
473 B
Plaintext
10 lines
473 B
Plaintext
o Major bugfixes (security)
|
|
- Fix a heap overflow bug where an adversary could cause heap
|
|
corruption. Since the contents of the corruption would need to be
|
|
the output of an RSA decryption, we do not think this is easy to
|
|
turn in to a remote code execution attack, but everybody should
|
|
upgrade anyway. Found by debuger. Bugfix on 0.1.2.10-rc.
|
|
o Defensive programming
|
|
- Introduce output size checks on all of our decryption functions.
|
|
|