tor/v3_intro_len at 194e31057fbf07d6bdf4b62d26e1a9db334e5f1c - tor - Git with a cup of Datura seeds

nihilist/tor

mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-20 21:16:22 +02:00

Nick Mathewson d5cfbf96a2 Fix an uninitialized-read when parsing v3 introduction requests.

Fortunately, later checks mean that uninitialized data can't get sent
to the network by this bug.  Unfortunately, reading uninitialized heap
*can* (in some cases, with some allocators) cause a crash if you get
unlucky and go off the end of a page.

Found by asn.  Bugfix on 0.2.4.1-alpha.

2013-08-10 17:49:51 -04:00

9 lines

346 B

Plaintext

Raw Blame History

   o Major bugfixes:
     - Fix an uninitialized read that could (in some cases) lead to a remote
       crash while parsing INTRODUCE 1 cells. (This is, so far as we know,
       unrelated to the recent news.)  Fixes bug XXX; bugfix on
 .2.4.1-alpha. Anybody running a hidden service on the experimental
 .2.4.x branch should upgrade.