tor/bug6007 at 491dc3a601d7c2610503f73192bd1a40bcb37ab2 - tor - Git with a cup of Datura seeds

nihilist/tor

mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-21 05:26:20 +02:00

Nick Mathewson af54a01828 Kill non-open OR connections with any data on their inbufs.

This fixes a DoS issue where a client could send so much data in 5
minutes that they exhausted the server's RAM.  Fix for bug 5934 and
6007.  Bugfix on 0.2.0.20-rc, which enabled the v2 handshake.

2012-06-04 11:29:18 -04:00

6 lines

220 B

Plaintext

Raw Blame History

   o Major bugfixes (security):
     - When waiting for a client to renegotiate, don't allow it to add
       any bytes to the input buffer. This fixes a DoS issue. Fix for
       bugs 6007 and 5934; bugfix on 0.2.0.20-rc.