[tor-bugs] #21278 [Core Tor/Tor]: Avoid signed integer underflow when comparing versions (Fix TROVE-2017-001)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Feb 14 21:34:02 UTC 2017
#21278: Avoid signed integer underflow when comparing versions (Fix TROVE-2017-001)
--------------------------+------------------------------------
Reporter: nickm | Owner: nickm
Type: defect | Status: needs_review
Priority: Medium | Milestone: Tor: 0.3.0.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: 029-backport | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------------
Changes (by nickm):
* status: needs_revision => needs_review
Comment:
Okay. So here's where we stand:
* I have a `bug21278_024_v4` that has only the minimal fix for the
integer issue. I propose that it go into 0.2.4.
* I have a `bug21278_redux_029` that blocks the bogus versions at the
directory level, and includes a changes file and roger's function
documentation. I propose that it go into 0.2.9.
* I agree that it's okay to merge bug21278_024_v2_extra to 0.2.9. I have
a `bug21278_extra_029` branch to port those forward. I'm okay with taking
that in 0.2.9 or 0.3.0.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21278#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list