mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 21:23:58 +01:00
ede88c374c
It can be called with strings that should have been length-delimited, but which in fact are not. This can cause a CPU-DoS bug or, in a worse case, a crash. Since this function isn't essential, the best solution for older Tors is to just turn it off. Fixes bug 40286; bugfix on 0.2.2.1-alpha when dump_desc() was introduced.
6 lines
287 B
Plaintext
6 lines
287 B
Plaintext
o Major bugfixes (denial of service):
|
|
- Disable the dump_desc() function that we used to dump unparseable
|
|
information to disk. It was called incorrectly in several places,
|
|
in a way that could lead to excessive CPU usage.
|
|
Fixes bug 40286; bugfix on 0.2.2.1-alpha.
|