[or-cvs] r8314: backport 8310 to 0.1.1, because of possible (minor) security (in tor/branches/tor-0_1_1-patches: . src/common src/or)
- To: or-cvs@xxxxxxxxxxxxx
- From: nickm@xxxxxxxx
- Date: Thu, 31 Aug 2006 15:11:15 -0400 (EDT)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Thu, 31 Aug 2006 15:11:22 -0400
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-cvs@xxxxxxxxxxxxx
Author: nickm
Date: 2006-08-31 15:11:14 -0400 (Thu, 31 Aug 2006)
New Revision: 8314
Modified:
tor/branches/tor-0_1_1-patches/ChangeLog
tor/branches/tor-0_1_1-patches/src/common/compat.h
tor/branches/tor-0_1_1-patches/src/common/util.c
tor/branches/tor-0_1_1-patches/src/or/config.c
tor/branches/tor-0_1_1-patches/src/or/routerparse.c
Log:
backport 8310 to 0.1.1, because of possible (minor) security implications on NetBSD.
Modified: tor/branches/tor-0_1_1-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_1_1-patches/ChangeLog 2006-08-31 18:52:05 UTC (rev 8313)
+++ tor/branches/tor-0_1_1-patches/ChangeLog 2006-08-31 19:11:14 UTC (rev 8314)
@@ -12,8 +12,10 @@
- Fix configure.in to not produce broken configure files with
more recent versions of autoconf. Thanks to Clint for his auto*
voodoo.
+ - Fix NetBSD bug that could allow someone to force uninitialized RAM
+ to be sent to a server's DNS resolver. This only effects NetBSD and
+ other platforms that that do not bounds-check tolower().
-
Changes in version 0.1.1.23 - 2006-07-30
o Major bugfixes:
- Fast Tor servers, especially exit nodes, were triggering asserts
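Review bot: The new ChangeLog bullet has two wording slips: "This only effects NetBSD" should read "affects", and "platforms that that do not bounds-check" repeats "that". The entry would also be more useful to packagers if it named the cause (a plain char passed to tolower() without a cast), and the lone "-" line is a whitespace change unrelated to the fix that is better left out of a security backport.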
Modified: tor/branches/tor-0_1_1-patches/src/common/compat.h
===================================================================
--- tor/branches/tor-0_1_1-patches/src/common/compat.h 2006-08-31 18:52:05 UTC (rev 8313)
+++ tor/branches/tor-0_1_1-patches/src/common/compat.h 2006-08-31 19:11:14 UTC (rev 8314)
@@ -115,6 +115,9 @@
#define TOR_ISDIGIT(c) isdigit((int)(unsigned char)(c))
#define TOR_ISPRINT(c) isprint((int)(unsigned char)(c))
+#define TOR_TOLOWER(c) (char)tolower((int)(unsigned char)(c))
+#define TOR_TOUPPER(c) (char)toupper((int)(unsigned char)(c))
+
#ifdef MS_WINDOWS
#define _SHORT_FILE_ (tor_fix_source_file(__FILE__))
const char *tor_fix_source_file(const char *fname);
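Review bot: TOR_TOLOWER and TOR_TOUPPER expand to an unparenthesized cast expression and narrow the result to char, unlike the TOR_ISDIGIT and TOR_ISPRINT macros just above them, which leave the int result alone. Wrap the whole expansion in parentheses, as in `((char)tolower((int)(unsigned char)(c)))`, and add a one-line comment saying why the argument goes through unsigned char: a negative char value is outside the range tolower() is defined for, which is the NetBSD problem the log message refers to. Without that comment, a later caller has no hint that the bare libc function is unsafe on char.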
Modified: tor/branches/tor-0_1_1-patches/src/common/util.c
===================================================================
--- tor/branches/tor-0_1_1-patches/src/common/util.c 2006-08-31 18:52:05 UTC (rev 8313)
+++ tor/branches/tor-0_1_1-patches/src/common/util.c 2006-08-31 19:11:14 UTC (rev 8314)
@@ -316,7 +316,7 @@
tor_strlower(char *s)
{
while (*s) {
- *s = tolower(*s);
+ *s = TOR_TOLOWER(*s);
++s;
}
}
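Review bot: The `*s = TOR_TOLOWER(*s);` line has no test covering the case the fix is for. A unit test that calls tor_strlower() on a buffer containing at least one byte of 0x80 or above, and checks that the byte comes back unchanged in the C locale, would keep a raw tolower(*s) from being reintroduced unnoticed.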
@@ -327,7 +327,7 @@
tor_strupper(char *s)
{
while (*s) {
- *s = toupper(*s);
+ *s = TOR_TOUPPER(*s);
++s;
}
}
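Review bot: The `*s = TOR_TOUPPER(*s);` change is not reflected in the ChangeLog entry, which mentions only tolower(). Either say there that toupper() callers were converted as well, or note that tor_strupper() was changed for consistency rather than because it was reachable with untrusted input.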
Modified: tor/branches/tor-0_1_1-patches/src/or/config.c
===================================================================
--- tor/branches/tor-0_1_1-patches/src/or/config.c 2006-08-31 18:52:05 UTC (rev 8313)
+++ tor/branches/tor-0_1_1-patches/src/or/config.c 2006-08-31 19:11:14 UTC (rev 8314)
@@ -1712,7 +1712,7 @@
*cp = '\0';
break;
}
- *cp = tolower(*cp);
+ *cp = TOR_TOLOWER(*cp);
}
/* Strip invalid characters. */
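Review bot: At `*cp = TOR_TOLOWER(*cp);`, lowercasing still runs before the "Strip invalid characters" step that follows, so bytes outside ASCII reach the ctype call in this loop. The cast makes that safe, but stripping or rejecting invalid bytes first would keep unvalidated input away from locale-dependent functions altogether; worth considering as a follow-up.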
Modified: tor/branches/tor-0_1_1-patches/src/or/routerparse.c
===================================================================
--- tor/branches/tor-0_1_1-patches/src/or/routerparse.c 2006-08-31 18:52:05 UTC (rev 8313)
+++ tor/branches/tor-0_1_1-patches/src/or/routerparse.c 2006-08-31 19:11:14 UTC (rev 8314)
@@ -1275,7 +1275,7 @@
len = strlen(s);
cp = tmp = tor_malloc(len+2);
for (idx = 0; idx < len; ++idx) {
- tmp[idx] = tolower(s[idx]);
+ tmp[idx] = TOR_TOLOWER(s[idx]);
}
tmp[len]='\n';
tmp[len+1]='\0';
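Review bot: The open-coded loop around `tmp[idx] = TOR_TOLOWER(s[idx]);` duplicates what tor_strlower() in util.c already does. Copying s into tmp, writing the terminating '\n' and '\0', and then calling tor_strlower(tmp) would leave one fewer place where the case-conversion call has to be kept correct; the appended newline is not changed by lowercasing.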