[tor-bugs] #15901 [Tor]: apparent memory corruption -- very difficult to isolate
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Aug 23 22:54:36 UTC 2015
#15901: apparent memory corruption -- very difficult to isolate
---------------------------+--------------------------------
Reporter: starlight | Owner:
Type: defect | Status: new
Priority: critical | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version: Tor: 0.2.6.10
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
---------------------------+--------------------------------
Comment (by starlight):
The corrupt store consists of "n rHDXjA" and does
not appear to be a memory address or typical integer.
However this fragment appears in another descriptor:
{{{
r FBIPartyTrain rHDXjAZho0VTaXtMkOjCyGF1QW0 vtGOeTZ3wDFo4Dx70WWeGMlO4gs
2015-08-17 08:56:42 24.214.139.69 9001 25565
s Running Stable V2Dir Valid
v Tor 0.2.5.12
w Bandwidth=21
p reject 1-65535
}}}
The two values are exactly 13372 bytes distant from each
other, with the source (above) appearing at the lower
memory address. The distance is such that one can
imagine a pointer manipulation bug.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15901#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list