[tor-bugs] #19223 [Core Tor/Tor]: Potential heap corruption in do_getpass in routerkeys.c
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Oct 10 16:11:26 UTC 2016
#19223: Potential heap corruption in do_getpass in routerkeys.c
-------------------------------------------------+-------------------------
Reporter: asn | Owner:
Type: defect | Status:
| merge_ready
Priority: Low | Milestone: Tor:
| 0.2.9.x-final
Component: Core Tor/Tor | Version: Tor:
| unspecified
Severity: Normal | Resolution:
Keywords: tor-bug-bounty, 028-backport, | Actual Points:
isaremoved, nickwants029, review-group-10 |
Parent ID: | Points: 0.5
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by asn):
* status: needs_review => merge_ready
Comment:
Hello,
I reviewed nherring's patch and it seems alright. I also tested it against
Guido's PoC and ASAN does not crash anymore.
BTW, since no branch was provided, I pushed nherring's patch on my repo as
`bug19223` and also added a changes file. Please check it out.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19223#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list