tor/changes
Sebastian Hahn 026e7987ad Sanity-check consensus param values
We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.

One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.

This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
2011-01-15 19:42:17 +01:00
..
bug2060 Disable DirPort when BridgeRelay is set 2010-11-22 13:12:48 -05:00
bug2081_followup Reject relay versions older than 0.2.0.26-rc 2010-12-07 11:35:32 -05:00
bug2097-more Add a missing ! to directory_fetches_from_authorities 2010-12-06 11:36:01 -05:00
bug2146.1 Fix a bug in calculating wakeup time on 64-bit machines. 2010-12-06 12:01:32 -05:00
bug2190 Better fix for 2190: defer libevent->controller messages instead of dropping 2010-11-19 22:52:32 -05:00
bug2210 fix changes file for 2210 2010-11-30 19:19:36 -05:00
bug2235 Don't crash when accountingmax is set in non-server Tors 2010-12-03 13:37:13 -05:00
bug2305 Note that Tor requires Automake 1.7. Fixes bug 2305 2011-01-03 17:24:16 -05:00
bug2313 Never include pthread.h when building for Windows. 2011-01-03 12:45:13 -05:00
bug2314 Fix compile warnings revealed by gcc 4.5 on mingw 2010-12-27 09:47:41 +01:00
bug2317 Sanity-check consensus param values 2011-01-15 19:42:17 +01:00
bug2324 Check size against SIZE_T_CEILING in realloc too. 2011-01-03 15:15:27 -05:00
bug2324_uncompress Detect and disallow compression bombs 2011-01-03 15:54:23 -05:00
bug2326 Avoid assertion on read_file_to_str() with size==SIZE_T_CEILING-1 2011-01-03 15:30:11 -05:00
bug2328 Correctly detect and exclude addresses outside of our virtual address range 2011-01-07 12:24:36 -05:00
bug2330 Pull up more data when parsing socks messages 2011-01-10 17:24:16 -05:00
bug2331 add a missing "not" in bug2331 changelog 2011-01-12 12:42:21 -05:00
bug2332 Always nul-terminate the result passed to evdns_server_add_ptr_reply 2011-01-15 11:49:25 -05:00
bug2337 Detect signed size_t and report an error at configure time. 2011-01-03 16:54:57 -05:00
bug2346 Explain bug2346 fix better based on suggestions from arma 2011-01-12 12:37:42 -05:00
bug2352 Impose maximum sizes on parsed objects 2011-01-10 12:12:11 -05:00
bug2363 Fix check for failed evdns request creation 2011-01-09 19:02:57 -05:00
bug2364 Describe tor-resolve defaults. Bug 2364. 2011-01-09 15:40:40 -05:00
bytecount Fix a harmless off-by-one error in counting controller argument lengths 2010-12-02 13:19:21 -05:00
fix2195-fix Avoid dereferencing NULL if a bridge fails to build an ei descriptor. 2010-11-24 13:18:11 -08:00
gabelmoo-newip Change gabelmoo's IP address and ports. 2010-12-16 13:28:30 +01:00
geoip-dec2010 Update to the December 1 2010 Maxmind GeoLite Country database. 2010-12-08 17:59:40 +01:00
geoip-jan2011 Update to the January 1 2011 Maxmind GeoLite Country database. 2011-01-10 10:37:54 +01:00
mingw-openssl098m Fix compilation with mingw and OpenSSL 0.9.8m+ 2010-11-23 12:47:38 -05:00
remove-website stop shipping doc/img and doc/website in the tarball 2010-11-23 00:03:50 -05:00
security_bug Add a changelog entry 2010-12-15 22:35:07 -05:00
task2196 Report only the top 10 ports in exit-port stats. 2010-11-24 08:45:05 +01:00
tolen_asserts make the description of tolen_asserts more dire 2011-01-15 11:49:26 -05:00