Startsida Utforska Hjälp
Logga in
piros
/
tor
3
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Bläddra i källkod

Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4

Nick Mathewson 10 år sedan
förälder
9e44df2c98 65575b0755
incheckning
1d3ffc0ec9
2 ändrade filer med 7 tillägg och 0 borttagningar
Delad Vy Visa Diff Statistik
  1. 5 0
      changes/md_leak_bug
  2. 2 0
      src/or/routerparse.c

+ 5 - 0
changes/md_leak_bug
Visa fil 

@@ -0,0 +1,5 @@
 
+  o Major bugfixes (security, OOM)
 
+    - Fix a memory leak that could occur if a microdescriptor parse
 
+      fails during the tokenizing step. This could enable a memory
 
+      exhaustion attack by directory servers. Fixes bug #11649; bugfix
 
+      on 0.2.2.6-alpha.

+ 2 - 0
src/or/routerparse.c
Visa fil 

@@ -4374,11 +4374,13 @@ microdescs_parse_from_string(const char *s, const char *eos,
 
     microdesc_free(md);
 
     md = NULL;
 
 
+    SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
 
     memarea_clear(area);
 
     smartlist_clear(tokens);
 
     s = start_of_next_microdesc;
 
   }
 
 
+  SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
 
   memarea_drop_all(area);
 
   smartlist_free(tokens);