bug20894 581 B

123456789
  1. o Major bugfixes (HTTP, parsing):
  2. - When parsing a malformed content-length field from an HTTP message,
  3. do not read off the end of the buffer. This bug was a potential
  4. remote denial-of-service attack against Tor clients and relays.
  5. A workaround was released in October 2016, which prevents this
  6. bug from crashing Tor. This is a fix for the underlying issue,
  7. which should no longer matter (if you applied the earlier patch).
  8. Fixes bug 20894; bugfix on 0.2.0.16-alpha. Bug found by fuzzing
  9. using AFL (http://lcamtuf.coredump.cx/afl/).