nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-20 13:06:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
f0f2fab5e1
tor/changes/trove-2018-004
Nick Mathewson a83650852d Add another NULL-pointer fix for protover.c. 
This one can only be exploited if you can generate a correctly
signed consensus, so it's not as bad as 25074.

Fixes bug 25251; also tracked as TROVE-2018-004.
2018-03-01 16:05:17 -05:00

9 lines
439 B
Plaintext
Raw Blame History

o Minor bugfixes (denial-of-service):
- Fix a possible crash on malformed consensus. If a consensus had
contained an unparseable protocol line, it could have made clients
and relays crash with a null-pointer exception. To exploit this
issue, however, an attacker would need to be able to subvert the
directory-authority system. Fixes bug 25251; bugfix on
0.2.9.4-alpha. Also tracked as TROVE-2018-004.
Reference in New Issue View Git Blame Copy Permalink