From dfee17328950628686bf2c78a8983871f36d97cf Mon Sep 17 00:00:00 2001 From: Sebastian Hahn Date: Sun, 7 Feb 2010 06:30:55 +0100 Subject: lookup_last_hid_serv_request() could overflow and leak memory The problem was that we didn't allocate enough memory on 32-bit platforms with 64-bit time_t. The memory leak occurred every time we fetched a hidden service descriptor we've fetched before. --- ChangeLog | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index 592c39f8a9..973f69b36b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,13 @@ Changes in version 0.2.1.23 - 2010-0?-?? automatically discard guards picked using the old algorithm. Fixes bug 1217; bugfix on 0.2.1.3-alpha. Found by Mike Perry. + o Major bugfixes: + - Fix a potential buffer overflow in lookup_last_hid_serv_request() + that could happen on 32-bit platforms with 64-bit time_t. Also fix + a memory leak when requesting a hidden service descriptor we've + requested before. Fixes bug 1242, bugfix on 0.2.0.18-alpha. Found + by aakova. + o Minor bugfixes: - When deciding whether to use strange flags to turn TLS renegotiation on, detect the OpenSSL version at run-time, not compile time. We -- cgit v1.2.3-54-g00ecf
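Review bot: The new "Major bugfixes" bullet folds two distinct defects into one entry, so a reader can take the "32-bit platforms with 64-bit time_t" qualifier as applying to the memory leak as well as the overflow. The commit message describes the leak as occurring every time a previously fetched hidden service descriptor was fetched again, with no platform condition attached, so I would split this into two bullets: one for the overflow with its platform condition, and one for the leak with its own trigger. The trailing "Fixes bug 1242, bugfix on 0.2.0.18-alpha" also reads as covering both defects; if that is intended, repeat it on each bullet, and if not, give each its own origin version. This view is limited to ChangeLog, so the allocation change in lookup_last_hid_serv_request() itself cannot be checked against the entry from these lines.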