From 4ccf09b1c21a858540453287e58a478a80a598ae Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Mon, 14 Jan 2013 14:02:13 -0500
Subject: Reject create/begin/etc cells with {circ,stream}ID 0.

Otherwise, it's possible to create streams or circuits with these
bogus IDs, leading to orphaned circuits or streams, or to ones that
can cause bandwidth DOS problems.

Fixes bug 7889; bugfix on all released Tors.
---
 changes/bug7889 | 8 ++++++++
 1 file changed, 8 insertions(+)
 create mode 100644 changes/bug7889

(limited to 'changes')

diff --git a/changes/bug7889 b/changes/bug7889
new file mode 100644
index 0000000000..ce99a59ce5
--- /dev/null
+++ b/changes/bug7889
@@ -0,0 +1,8 @@
+  o Major bugfixes:
+    - Reject bogus create and relay cells with 0 circuit ID or 0 stream
+      ID: these could be used to create unexpected streams and circuits
+      which would count as "present" to some parts of Tor but "absent"
+      to others, leading to zombie circuits and streams or to a
+      bandwidth DOS. Fixes bug 7889; bugfix on every released version of
+      Tor. Reported by "oftc_must_be_destroyed".
+
-- 
cgit v1.2.3-54-g00ecf