[tor-bugs] #19281 [Core Tor/Tor]: Potential heap corruption via `write_escaped_data` in control.c
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Aug 24 13:26:56 UTC 2017
#19281: Potential heap corruption via `write_escaped_data` in control.c
-------------------------------------------------+-------------------------
Reporter: asn | Owner: nickm
Type: defect | Status: closed
Priority: High | Milestone: Tor:
| 0.3.2.x-final
Component: Core Tor/Tor | Version: Tor:
| unspecified
Severity: Normal | Resolution: fixed
Keywords: tor-bug-bounty, heap-correctness, | Actual Points:
disaster-waiting-to-happen, review-group-22 |
Parent ID: | Points: 0.5
Reviewer: dgoulet | Sponsor:
| SponsorV-can
-------------------------------------------------+-------------------------
Changes (by nickm):
* status: merge_ready => closed
* resolution: => fixed
Comment:
Yeah, I don't think this can happen either, but guido has a pretty good
track record, and we might as well fix all the stuff he found. Code
that's harmless today can become harmful tomorrow if somebody changes it
or copies under the assumption that it was correct to start with.
Merging to 0.3.2, no backport.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19281#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list