author: Nick Mathewson <nickm@torproject.org> 2012-05-31 11:19:35 -0400
committer: Nick Mathewson <nickm@torproject.org> 2012-06-04 11:29:18 -0400
commit: af54a0182870babec62bf07d067ca82a67c423de
tree: 4515797b262d2b6e8c20daaa93f8d82389ef34c6 /changes
parent: 3a9351b57e528b1d0bd2e72bcf78db7c91b2ff8f
Kill non-open OR connections with any data on their inbufs.
This fixes a DoS issue where a client could send so much data in 5 minutes that they exhausted the server's RAM. Fix for bug 5934 and 6007. Bugfix on 0.2.0.20-rc, which enabled the v2 handshake.
Diffstat (limited to 'changes')
-rw-r--r-- changes/bug6007 5
1 files changed, 5 insertions, 0 deletions
diff --git a/changes/bug6007 b/changes/bug6007
new file mode 100644
index 0000000000..4e815754aa
--- /dev/null
+++ b/changes/bug6007
@@ -0,0 +1,5 @@
+ o Major bugfixes (security):
+ - When waiting for a client to renegotiate, don't allow it to add
+ any bytes to the input buffer. This fixes a DoS issue. Fix for
+ bugs 6007 and 5934; bugfix on 0.2.0.20-rc.
+
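Review bot: the second sentence of the entry ("This fixes a DoS issue.") does not say what kind of DoS it was. The commit message states that a client could send so much data in 5 minutes that it exhausted the server's RAM, and relay operators reading the changelog need that to judge how urgently to upgrade. Suggest wording along the lines of "This fixes a memory-exhaustion DoS issue". The first sentence also scopes the change to connections waiting for a client to renegotiate, while the commit subject describes killing non-open OR connections with any data on their inbufs; if the connection is closed rather than the bytes merely being refused, the entry should say so. Only changes/bug6007 is visible in this diff, so the code change itself cannot be checked against the entry here.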