Merge branch 'trove-2017-010_029' into maint-0.2.9

author: Nick Mathewson <nickm@torproject.org> 2017-11-30 12:07:26 -0500
committer: Nick Mathewson <nickm@torproject.org> 2017-11-30 12:07:26 -0500
commit: 52d7af631cb1075289ba519d0c3b89e0b5816f5e (patch)
tree: 20c8c9c238050dc88f88ccad01615c0d251cca73
parent: 072e194a15e9aa0e75c6723763a69476f4f31b93 (diff)
parent: 2c0487ecfb410d1361b114e60d8e9ffd2ed092ec (diff)
download: tor-52d7af631cb1075289ba519d0c3b89e0b5816f5e.tar.gz
tor-52d7af631cb1075289ba519d0c3b89e0b5816f5e.zip
2 files changed, 11 insertions, 0 deletions
diff --git a/changes/trove-2017-010 b/changes/trove-2017-010
new file mode 100644
index 0000000000..d5bf9333da
--- /dev/null
+++ b/changes/trove-2017-010
@@ -0,0 +1,6 @@
+  o Major bugfixes (security):
+    - Fix a denial-of-service issue where an attacker could crash
+      a directory authority using a malformed router descriptor.
+      Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked
+      as TROVE-2017-010 and CVE-2017-8820.
+
diff --git a/src/or/protover.c b/src/or/protover.c
index 0a4d4fb8fd..98957cabdf 100644
--- a/src/or/protover.c
+++ b/src/or/protover.c
@@ -694,6 +694,11 @@ protocol_list_contains(const smartlist_t *protos,
 const char *
 protover_compute_for_old_tor(const char *version)
 {
+  if (version == NULL) {
+    /* No known version; guess the oldest series that is still supported. */
+    version = "0.2.5.15";
+  }
+
   if (tor_version_as_new_as(version,
                             FIRST_TOR_VERSION_TO_ADVERTISE_PROTOCOLS)) {
     return "";
author	Nick Mathewson <nickm@torproject.org>	2017-11-30 12:07:26 -0500
committer	Nick Mathewson <nickm@torproject.org>	2017-11-30 12:07:26 -0500
commit	52d7af631cb1075289ba519d0c3b89e0b5816f5e (patch)
tree	20c8c9c238050dc88f88ccad01615c0d251cca73
parent	072e194a15e9aa0e75c6723763a69476f4f31b93 (diff)
parent	2c0487ecfb410d1361b114e60d8e9ffd2ed092ec (diff)
download	tor-52d7af631cb1075289ba519d0c3b89e0b5816f5e.tar.gz tor-52d7af631cb1075289ba519d0c3b89e0b5816f5e.zip