[tor-bugs] #12227 [Tor]: ASan stack-buffer-overflow in prune_v2_cipher_list -- not exploitable

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Jun 8 03:46:21 UTC 2014


#12227: ASan stack-buffer-overflow in prune_v2_cipher_list  -- not exploitable
---------------------------+---------------------------
     Reporter:  starlight  |      Owner:
         Type:  defect     |     Status:  new
     Priority:  normal     |  Milestone:
    Component:  Tor        |    Version:  Tor: 0.2.4.22
   Resolution:             |   Keywords:
Actual Points:             |  Parent ID:
       Points:             |
---------------------------+---------------------------

Comment (by starlight):

 After spending a day fixing this bug, I have
 to wonder, why is SSLv2 still active in the
 code?

 I gather SSLv2 is usually kept around as a way to
 force older software peers to negotiate to SSLv3
 or TLS. However, Tor OR relays only communicate
 with other OR relays, and since SSLv2 has been
 deprecated for so long, why not just disable
 it entirely?

 Or is this bit of code strictly internal and
 exists to underpin the newer protocols?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12227#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

