[tor-bugs] #12227 [Tor]: ASan stack-buffer-overflow in prune_v2_cipher_list -- not exploitable

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jun 9 03:56:40 UTC 2014


#12227: ASan stack-buffer-overflow in prune_v2_cipher_list  -- not exploitable
---------------------------+-------------------------------------
     Reporter:  starlight  |      Owner:
         Type:  defect     |     Status:  needs_revision
     Priority:  normal     |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor        |    Version:  Tor: 0.2.4.22
   Resolution:             |   Keywords:  tor-client 024-backport
Actual Points:             |  Parent ID:
       Points:             |
---------------------------+-------------------------------------

Comment (by cypherpunks):

 > In the long term, I think the right decision is to drop support for the
 Tor V2 link protocol handshake entirely, so we can remove this whole
 function.
 Then no difference to use SSLv3_method() or to pass 3 bytes if
 SSLv3_method() used. Both are kludge.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12227#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list