diff options
| author | Nick Mathewson <nickm@torproject.org> | 2013-01-14 14:02:13 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2013-01-14 14:02:13 -0500 |
| commit | 4ccf09b1c21a858540453287e58a478a80a598ae (patch) | |
| tree | d626621e039b8ec4b9312a2e81241cc93be30076 /changes | |
| parent | 52bf1556b18a3af0d7d4f612cd27e956353bf5b5 (diff) | |
| download | tor-4ccf09b1c21a858540453287e58a478a80a598ae.tar.gz tor-4ccf09b1c21a858540453287e58a478a80a598ae.zip | |
Reject create/begin/etc cells with {circ,stream}ID 0.
Otherwise, it's possible to create streams or circuits with these
bogus IDs, leading to orphaned circuits or streams, or to ones that
can cause bandwidth DOS problems.
Fixes bug 7889; bugfix on all released Tors.
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/bug7889 | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/changes/bug7889 b/changes/bug7889 new file mode 100644 index 0000000000..ce99a59ce5 --- /dev/null +++ b/changes/bug7889 @@ -0,0 +1,8 @@ + o Major bugfixes: + - Reject bogus create and relay cells with 0 circuit ID or 0 stream + ID: these could be used to create unexpected streams and circuits + which would count as "present" to some parts of Tor but "absent" + to others, leading to zombie circuits and streams or to a + bandwidth DOS. Fixes bug 7889; bugfix on every released version of + Tor. Reported by "oftc_must_be_destroyed". + |