diff options
| author | Nick Mathewson <nickm@torproject.org> | 2015-03-12 12:27:25 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2015-03-12 12:27:25 -0400 |
| commit | eecd410984e3f1741dda877fe482e082a41db700 (patch) | |
| tree | ef0d1c8e82d739e81a3f0e528115b9b5fb319d81 | |
| parent | a00d07ac1bddd84dd6109cae7afda970d5722d24 (diff) | |
| parent | 24c031b1a28658c921a746f4d58f3ca5e9994108 (diff) | |
| download | tor-eecd410984e3f1741dda877fe482e082a41db700.tar.gz tor-eecd410984e3f1741dda877fe482e082a41db700.zip | |
Merge remote-tracking branch 'public/bug15205_025' into maint-0.2.5
| -rw-r--r-- | changes/bug15064 | 4 | ||||
| -rw-r--r-- | changes/bug15205 | 5 | ||||
| -rw-r--r-- | src/common/compat.h | 12 | ||||
| -rw-r--r-- | src/or/connection_edge.c | 3 |
4 files changed, 23 insertions, 1 deletions
diff --git a/changes/bug15064 b/changes/bug15064 new file mode 100644 index 0000000000..e6bd747b1f --- /dev/null +++ b/changes/bug15064 @@ -0,0 +1,4 @@ + o Major bugfixes (FreeBSD IPFW transparent proxy): + - Fix address detection with FreeBSD transparent proxies, + when "TransProxyType ipfw" is in use. + Fixes bug 15064; bugfix on 0.2.5.4-alpha. diff --git a/changes/bug15205 b/changes/bug15205 new file mode 100644 index 0000000000..0cb9f3f4bc --- /dev/null +++ b/changes/bug15205 @@ -0,0 +1,5 @@ + o Major bugfixes (crash, OSX, security): + - Fix a remote denial-of-service opportunity caused by a bug + in OSX's _strlcat_chk() function. Fixes bug 15205; bug first + appeared in OSX 10.9. + diff --git a/src/common/compat.h b/src/common/compat.h index ec7d2415ed..531e88f1bd 100644 --- a/src/common/compat.h +++ b/src/common/compat.h @@ -224,6 +224,18 @@ extern INLINE double U64_TO_DBL(uint64_t x) { #define strncasecmp _strnicmp #define strcasecmp _stricmp #endif + +#if defined __APPLE__ +/* On OSX 10.9 and later, the overlap-checking code for strlcat would + * appear to have a severe bug that can sometimes cause aborts in Tor. + * Instead, use the non-checking variants. This is sad. + * + * See https://trac.torproject.org/projects/tor/ticket/15205 + */ +#undef strlcat +#undef strlcpy +#endif + #ifndef HAVE_STRLCAT size_t strlcat(char *dst, const char *src, size_t siz) ATTR_NONNULL((1,2)); #endif diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 49f9ba4978..1eeb22fcef 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -1531,7 +1531,8 @@ connection_ap_get_original_destination(entry_connection_t *conn, if (options->TransProxyType_parsed == TPT_PF_DIVERT) return destination_from_socket(conn, req); - if (options->TransProxyType_parsed == TPT_DEFAULT) + if (options->TransProxyType_parsed == TPT_DEFAULT || + options->TransProxyType_parsed == TPT_IPFW) return destination_from_pf(conn, req); (void)conn; |