From 50ff24e27652b4781a127d5dea81c4de96a6fdef Mon Sep 17 00:00:00 2001
From: David Goulet <dgoulet@torproject.org>
Date: Mon, 16 May 2016 11:18:51 -0400
Subject: dirauth: don't use hardcoded length when parsing digests

When parsing detached signature, we make sure that we use the length of the
digest algorithm instead of an hardcoded DIGEST256_LEN in order to avoid
comparing bytes out of bound with a smaller digest length such as SHA1.

Fixes #19066

Signed-off-by: David Goulet <dgoulet@torproject.org>
---
 changes/bug19066 | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 changes/bug19066

(limited to 'changes/bug19066')

diff --git a/changes/bug19066 b/changes/bug19066
new file mode 100644
index 0000000000..c3d1fc789a
--- /dev/null
+++ b/changes/bug19066
@@ -0,0 +1,5 @@
+  o Minor bugfixes (directory authority):
+    - When parsing detached signature, make sure we use the length of the
+      digest algorithm instead of an hardcoded DIGEST256_LEN in order to
+      avoid comparing bytes out of bound with a smaller digest length such
+      as SHA1. Fixes #19066; bugfix on tor-0.2.2.6-alpha.
-- 
cgit v1.2.3-54-g00ecf