tor/bug17404 at 78dfa76ddcfd72015b0454e397de9a190e4e3106 - tor - Git with a cup of Datura seeds

nihilist/tor

mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-20 21:16:22 +02:00

Nick Mathewson 35bf07b8d6 Check for len < 4 in dn_indicates_v3_cert

Without this check, we potentially look up to 3 characters before
the start of a malloc'd segment, which could provoke a crash under
certain (weird afaik) circumstances.

Fixes 17404; bugfix on 0.2.6.3-alpha.

2015-10-21 11:44:43 -04:00

7 lines

351 B

Plaintext

Raw Blame History

   o Major bugfixes (security, correctness):
     - Fix a programming error that could cause us to read 4 bytes before
       the beginning of an openssl string. This could be used to provoke
       a crash on systems with an unusual malloc implementation, or
       systems with unsual hardening installed. Fixes bug 17404; bugfix
       on 0.2.3.6-alpha.