mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 15:43:32 +01:00
ff088ea7d7
Credit AFL in the changes file.
10 lines
581 B
Plaintext
10 lines
581 B
Plaintext
o Major bugfixes (HTTP, parsing):
|
|
- When parsing a malformed content-length field from an HTTP message,
|
|
do not read off the end of the buffer. This bug was a potential
|
|
remote denial-of-service attack against Tor clients and relays.
|
|
A workaround was released in October 2016, which prevents this
|
|
bug from crashing Tor. This is a fix for the underlying issue,
|
|
which should no longer matter (if you applied the earlier patch).
|
|
Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing
|
|
using AFL (http://lcamtuf.coredump.cx/afl/).
|