[tor-bugs] #30041 [Core Tor/Tor]: OOB access with huge buffers (src/lib/buf/buffers.c)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Apr 10 08:35:20 UTC 2019
#30041: OOB access with huge buffers (src/lib/buf/buffers.c)
-------------------------------------------------+-------------------------
Reporter: asn | Owner: (none)
Type: defect | Status:
| merge_ready
Priority: Medium | Milestone: Tor:
| 0.3.5.x-final
Component: Core Tor/Tor | Version: Tor:
| unspecified
Severity: Normal | Resolution:
Keywords: consider-backport-after-0405-alpha | Actual Points:
security-low hackerone bug-bounty |
029-backport 034-backport 035-backport |
040-backport 040-must |
Parent ID: | Points:
Reviewer: nickm | Sponsor:
-------------------------------------------------+-------------------------
Changes (by teor):
* keywords:
security-low hackerone bug-bounty 029-backport 034-backport
035-backport 040-backport 040-must
=>
consider-backport-after-0405-alpha security-low hackerone bug-bounty
029-backport 034-backport 035-backport 040-backport 040-must
* version: => Tor: unspecified
* milestone: Tor: 0.4.0.x-final => Tor: 0.3.5.x-final
Comment:
Allocating this backport one alpha's worth of testing: it seems like a
low-risk fix. (And we'd also like coverity to run on it.)
Merged to 0.4.0 and merged forward.
Merged #29922 with #30041.
Please remember to fill in the points and actual points!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30041#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list