#20894: Resolve read-off-end-of-buffer on atoi in fetch_from_buf_http (TROVE-2016-10-001) ---------------------------------------+----------------------------------- Reporter: teor | Owner: nickm Type: defect | Status: needs_revision Priority: High | Milestone: Tor: | 0.3.0.x-final Component: Core Tor/Tor | Version: Tor: unspecified Severity: Normal | Resolution: Keywords: tor-03-unspecified-201612 | Actual Points: Parent ID: | Points: 0.5 Reviewer: | Sponsor: ---------------------------------------+-----------------------------------
Comment (by arma): Nickm tells me he's confident that the sentinel patch (already applied back through 0.2.4) has resolved the security issue. So this is just to clean up the code to make things better for our future? That sounds like a great thing to put into Tor 0.3.0 (like the body of this ticket suggests). -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20894#comment:9> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs