aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2017-06-08bump to 0.2.5.14Nick Mathewson
2017-06-08Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-06-08TROVE-2017-005: Fix assertion failure in connection_edge_process_relay_cellDavid Goulet
On an hidden service rendezvous circuit, a BEGIN_DIR could be sent (maliciously) which would trigger a tor_assert() because connection_edge_process_relay_cell() thought that the circuit is an or_circuit_t but is an origin circuit in reality. Fixes #22494 Reported-by: Roger Dingledine <arma@torproject.org> Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-06-05Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-06-05Fix C89 warning (since Tor 0.2.4-5 still care about that.)Nick Mathewson
2017-06-05Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-06-05Fix undefined behavior in geoip_parse_entry().Nick Mathewson
Fixes bug 22490; bugfix on 6a241ff3ffe7dc1 in 0.2.4.6-alpha. Found by teor using clang-5.0's AddressSanitizer stack-use-after-scope.
2017-05-08Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-05-08Update geoip and geoip6 to the May 2 2017 database.Karsten Loesing
2017-04-06Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-04-06Update geoip and geoip6 to the April 4 2017 database.Karsten Loesing
2017-03-08Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-03-08Update geoip and geoip6 to the March 7 2017 database.Karsten Loesing
2017-02-28Bump version to 0.2.5.13Nick Mathewson
2017-02-28Bump to 0.2.4.28Nick Mathewson
2017-02-15Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-02-14Avoid integer underflow in tor_version_compare.Nick Mathewson
Fix for TROVE-2017-001 and bug 21278. (Note: Instead of handling signed ints "correctly", we keep the old behavior, except for the part where we would crash with -ftrapv.)
2017-02-13Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-02-12Update geoip and geoip6 to the February 8 2017 database.Karsten Loesing
2017-02-07Merge remote-tracking branch 'public/bug18710_025' into maint-0.2.5Nick Mathewson
2017-02-07Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-02-07Disable a log_backtrace (which 0.2.4 does not have) in 16248 fixNick Mathewson
2017-02-07Add comments to connection_check_event().Nick Mathewson
2017-02-07Change behavior on missing/present event to warn instead of asserting.Nick Mathewson
Add a changes file.
2017-02-07If we start/stop reading on a dnsserv connection, don't assert.Nick Mathewson
Fixes bug 16248. Patch from cypherpunks. Bugfix on 0.2.0.1-alpha.
2017-02-07Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-02-07Backport the tonga->bifroest move to 0.2.4.Nick Mathewson
This is a backport of 19728 and 19690
2017-02-07Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-02-07Merge remote-tracking branch 'public/bug19152_024_v2' into maint-0.2.4Nick Mathewson
2017-02-07Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-02-07Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.4Nick Mathewson
2017-02-07Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-02-07Refine the memwipe() arguments check for 18089 a little more.Nick Mathewson
We still silently ignore memwipe(NULL, ch, 0); and memwipe(ptr, ch, 0); /* for ptr != NULL */ But we now assert on: memwipe(NULL, ch, 30);
2017-02-07Make memwipe() do nothing when passed a NULL pointer or zero sizeteor (Tim Wilson-Brown)
Check size argument to memwipe() for underflow. Closes bug #18089. Reported by "gk", patch by "teor". Bugfix on 0.2.3.25 and 0.2.4.6-alpha (#7352), commit 49dd5ef3 on 7 Nov 2012.
2017-02-07Fix out-of-bounds read in INTRODUCE2 client authJohn Brooks
The length of auth_data from an INTRODUCE2 cell is checked when the auth_type is recognized (1 or 2), but not for any other non-zero auth_type. Later, auth_data is assumed to have at least REND_DESC_COOKIE_LEN bytes, leading to a client-triggered out of bounds read. Fixed by checking auth_len before comparing the descriptor cookie against known clients. Fixes #15823; bugfix on 0.2.1.6-alpha.
2017-01-11Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2017-01-04Update geoip and geoip6 to the January 4 2017 database.Karsten Loesing
2016-12-20Add a one-word sentinel value of 0x0 at the end of each buf_t chunkNick Mathewson
This helps protect against bugs where any part of a buf_t's memory is passed to a function that expects a NUL-terminated input.
2016-12-20Add a one-word sentinel value of 0x0 at the end of each buf_t chunkNick Mathewson
This helps protect against bugs where any part of a buf_t's memory is passed to a function that expects a NUL-terminated input.
2016-12-20Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2016-12-18Make log message warn about detected attempts to exploit 21018.Nick Mathewson
2016-12-18Fix parsing bug with unecognized token at EOSNick Mathewson
In get_token(), we could read one byte past the end of the region. This is only a big problem in the case where the region itself is (a) potentially hostile, and (b) not explicitly nul-terminated. This patch fixes the underlying bug, and also makes sure that the one remaining case of not-NUL-terminated potentially hostile data gets NUL-terminated. Fix for bug 21018, TROVE-2016-12-002, and CVE-2016-1254
2016-12-09Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2016-12-09Update geoip and geoip6 to the December 7 2016 database.Karsten Loesing
2016-11-07Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2016-11-07Update geoip and geoip6 to the November 3 2016 database.Karsten Loesing
2016-10-06Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2016-10-05Update geoip and geoip6 to the October 6 2016 database.Karsten Loesing
2016-09-07Merge branch 'maint-0.2.4' into maint-0.2.5Nick Mathewson
2016-09-07Update geoip and geoip6 to the September 6 2016 database.Karsten Loesing
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion