mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 12:23:32 +01:00
bca7083e82
This closes bug 18162; bugfix on a45b131590
, which fixed a related
issue long ago.
In addition to the #18162 issues, this fixes a signed integer overflow
in smarltist_add_all(), which is probably not so great either.
8 lines
295 B
Plaintext
8 lines
295 B
Plaintext
o Major bugfixes (security, pointers):
|
|
|
|
- Avoid a difficult-to-trigger heap corruption attack when extending
|
|
a smartlist to contain over 16GB of pointers. Fixes bug #18162;
|
|
bugfix on Tor 0.1.1.11-alpha, which fixed a related bug
|
|
incompletely. Reported by Guido Vranken.
|
|
|