[tor-bugs] #8037 [Tor]: Specialy crafter microdesc could trigger to flush up to 16MB uninited heap allocated memory to media

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Jan 26 23:02:39 UTC 2013

#8037: Specialy crafter microdesc could trigger to flush up to 16MB uninited heap
allocated memory to media
    Reporter:  cypherpunks  |       Owner:                    
        Type:  defect       |      Status:  needs_review      
    Priority:  minor        |   Milestone:  Tor: 0.2.4.x-final
   Component:  Tor          |     Version:                    
  Resolution:               |    Keywords:  tor-client easy   
      Parent:               |      Points:                    
Actualpoints:               |  
Changes (by nickm):

  * status:  reopened => needs_review


 So, there's a possible fix in branch "bug8037" in my public repository.
 But maybe we should just check for NUL bytes and reject the descriptor if
 they're present.

