[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #17852 [Tor]: Tor Daemon hardening
#17852: Tor Daemon hardening
----------------------+------------------------------------
Reporter: jsturgix | Owner:
Type: defect | Status: needs_revision
Priority: Medium | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version: Tor: 0.2.7
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
----------------------+------------------------------------
Changes (by nickm):
* status: needs_review => needs_revision
Comment:
86a5305d46175c5d0c67564d3ee4e86a27f0c460:
* strlcat only works here if UNICODE is not defined. Otherwise this
breaks UNICODE builds, I think.
191b8d8b7885609006062da7d7ef8bef7a4161a8:
* realpath replaces .. and . and resolves symlinks. Will this new
behavior hurt anything?
* The return value from realpath() is allocated with malloc(). This
means that if tor_malloc is *not* just based on malloc, we will later fail
when we tor_free on the pointer.
* ... ah, never mind, you reverted it. :)
28241bd4b47bdf4616a237f1bf28c9d65c9373af:
* This seems to break the semantics for CPD_CHECK; see the documentation
at the head of the function.
Otherwise this stuff looks fine!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17852#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs