diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-09-18 09:39:35 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-09-18 09:39:35 -0400 |
| commit | 0ec72b030839c3a9e8c557483594b9dbe86c0792 (patch) | |
| tree | 7402f254a58fc0adea164d42fc82214561373ae8 | |
| parent | 26f68dfcef283137e60319c003300b07c56a3209 (diff) | |
| parent | 4a2cbea6ce585fcdaf86a80ccf39bceb4137e86a (diff) | |
| download | tor-0ec72b030839c3a9e8c557483594b9dbe86c0792.tar.gz tor-0ec72b030839c3a9e8c557483594b9dbe86c0792.zip | |
Merge branch 'trove-2017-008_028' into maint-0.2.8
| -rw-r--r-- | changes/trove-2017-008 | 5 | ||||
| -rw-r--r-- | src/or/rendservice.c | 4 |
2 files changed, 7 insertions, 2 deletions
diff --git a/changes/trove-2017-008 b/changes/trove-2017-008 new file mode 100644 index 0000000000..4b9c5b0a12 --- /dev/null +++ b/changes/trove-2017-008 @@ -0,0 +1,5 @@ + o Major bugfixes (security, hidden services, loggging): + - Fix a bug where we could log uninitialized stack when a certain + hidden service error occurred while SafeLogging was disabled. + Fixes bug #23490; bugfix on 0.2.7.2-alpha. + This is also tracked as TROVE-2017-008 and CVE-2017-0380. diff --git a/src/or/rendservice.c b/src/or/rendservice.c index b81a01c568..0a5b5efd54 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -2859,6 +2859,8 @@ rend_service_intro_established(origin_circuit_t *circuit, (unsigned)circuit->base_.n_circ_id); goto err; } + base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32 + 1, + circuit->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN); /* We've just successfully established a intro circuit to one of our * introduction point, account for it. */ intro = find_intro_point(circuit); @@ -2875,8 +2877,6 @@ rend_service_intro_established(origin_circuit_t *circuit, service->desc_is_dirty = time(NULL); circuit_change_purpose(TO_CIRCUIT(circuit), CIRCUIT_PURPOSE_S_INTRO); - base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32 + 1, - circuit->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN); log_info(LD_REND, "Received INTRO_ESTABLISHED cell on circuit %u for service %s", (unsigned)circuit->base_.n_circ_id, serviceid); |