Do not assert when comparing a null address/port against a policy

This can create a remote crash opportunity for/against directory authorities.
author: Nick Mathewson <nickm@torproject.org> 2012-08-27 11:52:51 -0400
committer: Nick Mathewson <nickm@torproject.org> 2012-08-27 12:04:55 -0400
commit: 62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5 (patch)
tree: 8cdad342a8ce81ded6a606a28585b343520689e5 /changes/bug6690
parent: d48cebc5e498b0ae673635f40fc57cdddab45d5b (diff)
download: tor-62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5.tar.gz
tor-62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/changes/bug6690 b/changes/bug6690
new file mode 100644
index 0000000000..99d42976ed
--- /dev/null
+++ b/changes/bug6690
@@ -0,0 +1,7 @@
+  o Major bugfixes (security):
+    - Do not crash when comparing an address with port value 0 to an
+      address policy. This bug could have been used to cause a remote
+      assertion failure by or against directory authorities, or to
+      allow some applications to crash clients. Fixes bug 6690; bugfix
+      on 0.2.1.10-alpha.
+
author	Nick Mathewson <nickm@torproject.org>	2012-08-27 11:52:51 -0400
committer	Nick Mathewson <nickm@torproject.org>	2012-08-27 12:04:55 -0400
commit	62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5 (patch)
tree	8cdad342a8ce81ded6a606a28585b343520689e5 /changes/bug6690
parent	d48cebc5e498b0ae673635f40fc57cdddab45d5b (diff)
download	tor-62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5.tar.gz tor-62d96284f7e0f81c40d5df7e53dd7b4dfe7e56a5.zip