[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #20894 [Core Tor/Tor]: Resolve read-off-end-of-buffer on atoi in fetch_from_buf_http (TROVE-2016-10-001)



#20894: Resolve read-off-end-of-buffer on atoi in fetch_from_buf_http
(TROVE-2016-10-001)
---------------------------------------+-----------------------------------
 Reporter:  teor                       |          Owner:  nickm
     Type:  defect                     |         Status:  needs_revision
 Priority:  High                       |      Milestone:  Tor:
                                       |  0.3.0.x-final
Component:  Core Tor/Tor               |        Version:  Tor: unspecified
 Severity:  Normal                     |     Resolution:
 Keywords:  tor-03-unspecified-201612  |  Actual Points:
Parent ID:                             |         Points:  0.5
 Reviewer:                             |        Sponsor:
---------------------------------------+-----------------------------------

Comment (by arma):

 Nickm tells me he's confident that the sentinel patch (already applied
 back through 0.2.4) has resolved the security issue. So this is just to
 clean up the code to make things better for our future? That sounds like a
 great thing to put into Tor 0.3.0 (like the body of this ticket suggests).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20894#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs