Merge branch 'maint-0.4.6' into release-0.4.6

author: David Goulet <dgoulet@torproject.org> 2022-04-14 09:34:49 -0400
committer: David Goulet <dgoulet@torproject.org> 2022-04-14 09:34:49 -0400
commit: c54e1cba011b14dfe39c3c181c5a8c9f08b0be69 (patch)
tree: a88a04b69b701dec6564354c851b32f91eb74e82 /changes
parent: 275a78ac4f35066fcba35dc4361e28a823b07227 (diff)
parent: b33f69abb54d06b324301977e87171d5902a39bf (diff)
download: tor-c54e1cba011b14dfe39c3c181c5a8c9f08b0be69.tar.gz
tor-c54e1cba011b14dfe39c3c181c5a8c9f08b0be69.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/changes/bug40472 b/changes/bug40472
new file mode 100644
index 0000000000..d87c1dc2cc
--- /dev/null
+++ b/changes/bug40472
@@ -0,0 +1,6 @@
+  o Minor bugfixes (performance, DoS):
+    - Fix one case of a not-especially viable denial-of-service attack found
+      by OSS-Fuzz in our consensus-diff parsing code. This attack causes a
+      lot small of memory allocations and then immediately frees them: this
+      is only slow when running with all the sanitizers enabled.  Fixes one
+      case of bug 40472; bugfix on 0.3.1.1-alpha.
author	David Goulet <dgoulet@torproject.org>	2022-04-14 09:34:49 -0400
committer	David Goulet <dgoulet@torproject.org>	2022-04-14 09:34:49 -0400
commit	c54e1cba011b14dfe39c3c181c5a8c9f08b0be69 (patch)
tree	a88a04b69b701dec6564354c851b32f91eb74e82 /changes
parent	275a78ac4f35066fcba35dc4361e28a823b07227 (diff)
parent	b33f69abb54d06b324301977e87171d5902a39bf (diff)
download	tor-c54e1cba011b14dfe39c3c181c5a8c9f08b0be69.tar.gz tor-c54e1cba011b14dfe39c3c181c5a8c9f08b0be69.zip