diff options
| author | David Goulet <dgoulet@torproject.org> | 2022-07-27 11:33:16 -0400 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2022-07-27 11:33:16 -0400 |
| commit | 691e542fd520edb8a1371eb42fa7b11b296616b9 (patch) | |
| tree | b06453987c73e1f7b61dd7b69b456b72cbc9e265 | |
| parent | dc13936f20e6263a099f40d32a274847e8384f96 (diff) | |
| parent | 8e7bd9636260af3e31997e2ad5ec071c4e7a0153 (diff) | |
| download | tor-691e542fd520edb8a1371eb42fa7b11b296616b9.tar.gz tor-691e542fd520edb8a1371eb42fa7b11b296616b9.zip | |
Merge branch 'tor-gitlab/mr/605' into maint-0.4.5
| -rw-r--r-- | changes/bug40645 | 5 | ||||
| -rw-r--r-- | src/core/or/channelpadding.c | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/changes/bug40645 b/changes/bug40645 new file mode 100644 index 0000000000..044d5b67d2 --- /dev/null +++ b/changes/bug40645 @@ -0,0 +1,5 @@ + o Minor bugfixes (defense in depth): + - Change a test in the netflow padding code to make it more + _obviously_ safe against remotely triggered crashes. + (It was safe against these before, but not obviously so.) + Fixes bug 40645; bugfix on 0.3.1.1-alpha. diff --git a/src/core/or/channelpadding.c b/src/core/or/channelpadding.c index d0c43e8bdc..d4c19491ac 100644 --- a/src/core/or/channelpadding.c +++ b/src/core/or/channelpadding.c @@ -186,7 +186,7 @@ channelpadding_get_netflow_inactive_timeout_ms(const channel_t *chan) high_timeout = MAX(high_timeout, chan->padding_timeout_high_ms); } - if (low_timeout == high_timeout) + if (low_timeout >= high_timeout) return low_timeout; // No randomization /* |