diff options
| author | Nick Mathewson <nickm@torproject.org> | 2018-10-25 09:06:13 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2018-10-25 09:06:13 -0400 |
| commit | 368413a321a65234c0256c4ea80c613207cf7587 (patch) | |
| tree | 63b88d347e2f9706494c7d210002c6ed1451afd1 /changes | |
| parent | 5b28190c67ac6828e588c0ec54fe88eab0fb45fb (diff) | |
| download | tor-368413a321a65234c0256c4ea80c613207cf7587.tar.gz tor-368413a321a65234c0256c4ea80c613207cf7587.zip | |
Fix possible UB in an end-of-string check in get_next_token().
Remember, you can't check to see if there are N bytes left in a
buffer by doing (buf + N < end), since the buf + N computation might
take you off the end of the buffer and result in undefined behavior.
Fixes 28202; bugfix on 0.2.0.3-alpha.
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/bug28202 | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/changes/bug28202 b/changes/bug28202 new file mode 100644 index 0000000000..182daac4f1 --- /dev/null +++ b/changes/bug28202 @@ -0,0 +1,4 @@ + o Minor bugfixes (C correctness): + - Avoid undefined behavior in an end-of-string check when parsing the + BEGIN line in a directory object. Fixes bug 28202; bugfix on + 0.2.0.3-alpha. |