nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
b98614f1af
tor/changes/bug24247
Nick Mathewson a7ca71cf6b Fix mock_crypto_pk_public_checksig__nocheck() to handle short RSA keys 
This function -- a mock replacement used only for fuzzing -- would
have a buffer overflow if it got an RSA key whose modulus was under
20 bytes long.

Fortunately, Tor itself does not appear to have a bug here.

Fixes bug 24247; bugfix on 0.3.0.3-alpha when fuzzing was
introduced.  Found by OSS-Fuzz; this is OSS-Fuzz issue 4177.
2017-11-11 14:44:45 -05:00

7 lines
361 B
Plaintext
Raw Blame History

o Minor bugfixes (fuzzing):
- Fix a bug in our fuzzing mock replacement for crypto_pk_checksig(), to
correctly handle cases where a caller gives it an RSA key of under 160
bits. (This is not actually a bug in Tor itself, but wrather in our
fuzzing code.) Fixes bug 24247; bugfix on 0.3.0.3-alpha.
Found by OSS-Fuzz as issue 4177.
Reference in New Issue View Git Blame Copy Permalink