Merge branch 'maint-0.4.5' into release-0.4.5

author: David Goulet <dgoulet@torproject.org> 2022-04-14 09:34:49 -0400
committer: David Goulet <dgoulet@torproject.org> 2022-04-14 09:34:49 -0400
commit: 63d698b928ea900b87d07eac262e3129ab68c642 (patch)
tree: 4f9fffb921e8aadefd983b6b01ec4ba287e044c4 /changes
parent: 1949407f0a3108b824484c7788b629be342167fc (diff)
parent: 9ac479ce1c20fd2e58528900b54d5b81bedb641d (diff)
download: tor-63d698b928ea900b87d07eac262e3129ab68c642.tar.gz
tor-63d698b928ea900b87d07eac262e3129ab68c642.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/changes/bug40472 b/changes/bug40472
new file mode 100644
index 0000000000..d87c1dc2cc
--- /dev/null
+++ b/changes/bug40472
@@ -0,0 +1,6 @@
+  o Minor bugfixes (performance, DoS):
+    - Fix one case of a not-especially viable denial-of-service attack found
+      by OSS-Fuzz in our consensus-diff parsing code. This attack causes a
+      lot small of memory allocations and then immediately frees them: this
+      is only slow when running with all the sanitizers enabled.  Fixes one
+      case of bug 40472; bugfix on 0.3.1.1-alpha.
author	David Goulet <dgoulet@torproject.org>	2022-04-14 09:34:49 -0400
committer	David Goulet <dgoulet@torproject.org>	2022-04-14 09:34:49 -0400
commit	63d698b928ea900b87d07eac262e3129ab68c642 (patch)
tree	4f9fffb921e8aadefd983b6b01ec4ba287e044c4 /changes
parent	1949407f0a3108b824484c7788b629be342167fc (diff)
parent	9ac479ce1c20fd2e58528900b54d5b81bedb641d (diff)
download	tor-63d698b928ea900b87d07eac262e3129ab68c642.tar.gz tor-63d698b928ea900b87d07eac262e3129ab68c642.zip