diff options
| author | Nick Mathewson <nickm@torproject.org> | 2015-03-09 15:09:49 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2015-03-09 15:09:49 -0400 |
| commit | 24c031b1a28658c921a746f4d58f3ca5e9994108 (patch) | |
| tree | b75415576527d580415a83d4d6338081c7ba76fb /changes | |
| parent | 681802817deb6fb93b95f8284856fd42f3556600 (diff) | |
| download | tor-24c031b1a28658c921a746f4d58f3ca5e9994108.tar.gz tor-24c031b1a28658c921a746f4d58f3ca5e9994108.zip | |
Don't use checked strl{cat,cpy} on OSX.
There is a bug in the overlap-checking in strlcat that can crash Tor
servers. Fixes bug 15205; this is an OSX bug, not a Tor bug.
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/bug15205 | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/changes/bug15205 b/changes/bug15205 new file mode 100644 index 0000000000..0cb9f3f4bc --- /dev/null +++ b/changes/bug15205 @@ -0,0 +1,5 @@ + o Major bugfixes (crash, OSX, security): + - Fix a remote denial-of-service opportunity caused by a bug + in OSX's _strlcat_chk() function. Fixes bug 15205; bug first + appeared in OSX 10.9. + |