[tor-relays] URGENT: active OpenSSL "Heartbleed" attack on Tor Nodes
Have been running Tor relay with AddressSanitizer and it crashed this morning. I thought it was related to the system being close to running out of free memory until I read about the new OpenSSL vulnerability.

Anyone running a Tor relay with OpenSSL 1.0.1 should update the library or rebuild against an older version immediately!!!!
=================================================================
==18238== ERROR: AddressSanitizer: unknown-crash on address 0x????017???0b at pc 0x????8e4???47 bp 0x????be7???f0 sp 0x????be7???b0
READ of size 65535 at 0x?????017???0b thread T0
#0 0x????8e4???46 (/usr/local/lib64/libasan.so.0.0.0+0x???6)
#1 0x????8db???e6 (/usr/local/lib64/libssl.so.1.0.0+0x???e6)
#2 0x????8db???4e (/usr/local/lib64/libssl.so.1.0.0+0x???4e)
#3 0x????8db???1a (/usr/local/lib64/libssl.so.1.0.0+0x???1a)
#4 0x????8db???b7 (/usr/local/lib64/libssl.so.1.0.0+0x???b7)
#5 0x????8db???c7 (/usr/local/lib64/libssl.so.1.0.0+0x???c7)
#6 0x????918???8b (/usr/local/bin/tor-sanitize-0.2.4.18-rc+0x???58b)
#7 0x????918???9b (/usr/local/bin/tor-sanitize-0.2.4.18-rc+0x???89b)
#8 0x????917???5c (/usr/local/bin/tor-sanitize-0.2.4.18-rc+0x???65c)
#9 0x????916???0c (/usr/local/bin/tor-sanitize-0.2.4.18-rc+0x???0c)
#10 0x????8dd???53 (/usr/local/lib64/libevent-2.0.so.5.1.9+0x???53)
#11 0x????916???1d (/usr/local/bin/tor-sanitize-0.2.4.18-rc+0x???1d)
#12 0x????916???88 (/usr/local/bin/tor-sanitize-0.2.4.18-rc+0x???88)
#13 0x????916???0b (/usr/local/bin/tor-sanitize-0.2.4.18-rc+0x???0b)
#14 0x????8cf???29 (/lib64/libc-2.8.so+0x???9)
#15 0x????916???d8 (/usr/local/bin/tor-sanitize-0.2.4.18-rc+0x???d8)
0x????017???48 is located 0 bytes to the right of 17736-byte region [0x????017???00,0x????017???48)
allocated by thread T0 here:
#0 0x????8e4???7a (/usr/local/lib64/libasan.so.0.0.0+0x???7a)
#1 0x????8d7???32 (/usr/local/lib64/libcrypto.so.1.0.0+0x???32)
Shadow bytes around the buggy address:
0x????c02???f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x????c02???00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x????c02???10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x????c02???20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x????c02???30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x????c02???40: 00[00]00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x????c02???50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x????c02???60: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x????c02???70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x????c02???80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x????c02???90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap righ redzone: fb
Freed Heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
ASan internal: fe
==18238== ABORTING
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
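
Added example (not part of the original post, and not OpenSSL's or Tor's code): the READ of size 65535 in the report above equals the largest value a two-byte length field can hold, and the code below shows the bounds check RFC 6520 requires before a TLS heartbeat payload is copied. The function name hb_copy_payload and the sample records are constructed for illustration; the message layout (1-byte type, 2-byte payload_length, payload, at least 16 bytes of padding) is taken from RFC 6520, not from this page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_HEADER_LEN  3   /* type (1 byte) + payload_length (2 bytes), RFC 6520 */
#define HB_MIN_PADDING 16  /* minimum padding after the payload, RFC 6520 */

/* Constructed sample records (not captured traffic). */
static const uint8_t hb_ok[23]  = {0x01, 0x00, 0x04, 'p', 'i', 'n', 'g'}; /* 4-byte payload + 16 zero pad */
static const uint8_t hb_bad[19] = {0x01, 0xff, 0xff}; /* claims 65535 bytes, carries none */
static uint8_t out_buf[64];

/*
 * Hypothetical helper: copy the payload of a received heartbeat message.
 * rec/rec_len describe the bytes that actually arrived in the record.
 * Returns the payload length, or -1 if the message must be discarded.
 */
long hb_copy_payload(const uint8_t *rec, size_t rec_len, uint8_t *out, size_t out_cap)
{
    size_t claimed;

    /* Too short to hold even an empty payload plus padding. */
    if (rec_len < HB_HEADER_LEN + HB_MIN_PADDING)
        return -1;

    /* payload_length is sender-controlled: big-endian, 0..65535. */
    claimed = ((size_t)rec[1] << 8) | rec[2];

    /* The claimed length must fit inside the record that was received.
     * Without this test, memcpy reads past the end of rec. */
    if (HB_HEADER_LEN + claimed + HB_MIN_PADDING > rec_len)
        return -1;
    if (claimed > out_cap)
        return -1;

    memcpy(out, rec + HB_HEADER_LEN, claimed);
    return (long)claimed;
}

int main(void)
{
    printf("well-formed: %ld\n", hb_copy_payload(hb_ok, sizeof hb_ok, out_buf, sizeof out_buf));
    printf("oversized:   %ld\n", hb_copy_payload(hb_bad, sizeof hb_bad, out_buf, sizeof out_buf));
    return 0;
}
```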