diff options
| author | Sebastian Hahn <sebastian@torproject.org> | 2010-02-07 06:30:55 +0100 |
|---|---|---|
| committer | Sebastian Hahn <sebastian@torproject.org> | 2010-02-07 06:37:35 +0100 |
| commit | dfee17328950628686bf2c78a8983871f36d97cf (patch) | |
| tree | 2892be8eb23376721e0cea6150c92e86c1721def /ChangeLog | |
| parent | f6ff14a82ead43e3f5c2a6b2f2ace45ca2f45081 (diff) | |
| download | tor-dfee17328950628686bf2c78a8983871f36d97cf.tar.gz tor-dfee17328950628686bf2c78a8983871f36d97cf.zip | |
lookup_last_hid_serv_request() could overflow and leak memory
The problem was that we didn't allocate enough memory on 32-bit
platforms with 64-bit time_t. The memory leak occured every time
we fetched a hidden service descriptor we've fetched before.
Diffstat (limited to 'ChangeLog')
| -rw-r--r-- | ChangeLog | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -8,6 +8,13 @@ Changes in version 0.2.1.23 - 2010-0?-?? automatically discard guards picked using the old algorithm. Fixes bug 1217; bugfix on 0.2.1.3-alpha. Found by Mike Perry. + o Major bugfixes: + - Fix a potential buffer overflow in lookup_last_hid_serv_request() + that could happen on 32-bit platforms with 64-bit time_t. Also fix + a memory leak when requesting a hidden service descriptor we've + requested before. Fixes bug 1242, bugfix on 0.2.0.18-alpha. Found + by aakova. + o Minor bugfixes: - When deciding whether to use strange flags to turn TLS renegotiation on, detect the OpenSSL version at run-time, not compile time. We |