[tor-bugs] #2317 [Tor Client]: Missing sanity checks for cbtnummodes consensus parameter
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Mon Dec 27 16:58:40 UTC 2010
#2317: Missing sanity checks for cbtnummodes consensus parameter
------------------------+---------------------------------------------------
Reporter: Sebastian | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor Client | Version:
Keywords: | Parent:
------------------------+---------------------------------------------------
<doors> wtf. devs inserted trapdoors!?
"tor_malloc_zero(num_modes*sizeof(build_time_t))" how much? anything else?
I think what doors was referring to is that we don't do any sanity checks
on the value of the consensus parameter, so we can either request
ridiculous amounts of memory or worse request 0 modes. Since doors
immediately left irc I had no time to confirm if there was more.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2317>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list