diff options
| author | David Goulet <dgoulet@torproject.org> | 2018-02-13 10:41:21 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2018-02-13 10:41:21 -0500 |
| commit | 305e39d0f8bcc39d45c2877495046bd927347106 (patch) | |
| tree | 1af61e34ccffaad6da26d0ffcc979f811be36a05 /changes | |
| parent | 1555946e202fef523b35e169c90892b57caea766 (diff) | |
| download | tor-305e39d0f8bcc39d45c2877495046bd927347106.tar.gz tor-305e39d0f8bcc39d45c2877495046bd927347106.zip | |
dos: Add extra safety asserts in cc_stats_refill_bucket()
Never allow the function to set a bucket value above the allowed circuit
burst.
Closes #25202
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/ticket25202 | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/changes/ticket25202 b/changes/ticket25202 new file mode 100644 index 0000000000..5edef44f0b --- /dev/null +++ b/changes/ticket25202 @@ -0,0 +1,4 @@ + o Minor bugfixes (DoS mitigation): + - Add extra safety checks when refilling the circuit creation bucket to + ensure we never set a value that is above the allowed burst. Fixes + ticket 25202. |