memarea_overflow 388 B

1234567
  1. o Minor bugfixes (pointer arithmetic):
  2. - Fix a bug in memarea_alloc() that could have resulted in remote heap
  3. write access, if Tor had ever passed an unchecked size to
  4. memarea_alloc(). Fortunately, all the sizes we pass to memarea_alloc()
  5. are pre-checked to be less than 128 kilobytes. Fixes bug 19150; bugfix
  6. on 0.2.1.1-alpha. Bug found by Guido Vranken.