#21018: TROVE-2016-12-002 --------------------------+------------------------------------ Reporter: nickm | Owner: nickm Type: defect | Status: accepted Priority: Medium | Milestone: Tor: 0.2.9.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: --------------------------+------------------------------------
Comment (by nickm): My branch `bug21018_024` has the fix. From the changes file: {{{ + - Fix a bug in parsing that could cause clients to read a single + byte past the end of an allocated region. This bug could be + used to cause hardened clients (built with + --enable-expensive-hardening) to crash if they tried to visit + a hostile hidden service. Non-hardened clients are only + affected depending on the details of their platform's memory + allocator. Fixes bug 21018; bugfix on 0.2.0.8-alpha. Found by + using libFuzzer. Also tracked as TROVE-2016-12-002 and as + CVE-2016-1254. }}} -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21018#comment:2> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs