author | Nick Mathewson <nickm@torproject.org> | 2018-02-14 10:45:57 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2018-03-01 16:05:17 -0500 |
commit | a83650852d3cd00c9916cae74d755ae55a6b506d (patch) | |
tree | fa12d59b56d39f7ec3b8e2ae5f8c93e149a946a0 /changes | |
parent | 65f2eec694f18a64291cc85317b9f22dacc1d8e4 (diff) | |
Add another NULL-pointer fix for protover.c.
This one can only be exploited if you can generate a correctly
signed consensus, so it's not as bad as 25074.
Fixes bug 25251; also tracked as TROVE-2018-004.
Diffstat (limited to 'changes')
-rw-r--r-- | changes/trove-2018-004 | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/changes/trove-2018-004 b/changes/trove-2018-004 new file mode 100644 index 0000000000..37e0a89b0d --- /dev/null +++ b/changes/trove-2018-004 @@ -0,0 +1,8 @@ + o Minor bugfixes (denial-of-service): + - Fix a possible crash on malformed consensus. If a consensus had + contained an unparseable protocol line, it could have made clients + and relays crash with a null-pointer exception. To exploit this + issue, however, an attacker would need to be able to subvert the + directory-authority system. Fixes bug 25251; bugfix on + 0.2.9.4-alpha. Also tracked as TROVE-2018-004. + |
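Review bot: "null-pointer exception" in the fourth line of the new changes/trove-2018-004 entry is the wrong term for C code; the commit message describes a NULL-pointer fix in protover.c, so "null-pointer dereference" would be accurate. The first sentence would also read better as "Fix a possible crash on a malformed consensus", and the conditional could be plainer ("If a consensus contained an unparseable protocol line, it could make clients and relays crash"). The diffstat on this page is limited to 'changes', so the protover.c change itself is not visible here and only the changelog entry can be reviewed.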