Handle NULL input to protover_compute_for_old_tor()

author Nick Mathewson <nickm@torproject.org>

Sat, 11 Nov 2017 18:56:35 +0000 (13:56 -0500)

committer Nick Mathewson <nickm@torproject.org>

Mon, 27 Nov 2017 20:16:30 +0000 (15:16 -0500)
author Nick Mathewson <nickm@torproject.org>
Sat, 11 Nov 2017 18:56:35 +0000 (13:56 -0500)
committer Nick Mathewson <nickm@torproject.org>
Mon, 27 Nov 2017 20:16:30 +0000 (15:16 -0500)
diff --git a/changes/trove-2017-010 b/changes/trove-2017-010

new file mode 100644 (file)

index 0000000..d5bf933
--- /dev/null
+++ b/changes/trove-2017-010
@@ -0,0 +1,6 @@
+  o Major bugfixes (security):
+    - Fix a denial-of-service issue where an attacker could crash
+      a directory authority using a malformed router descriptor.
+      Fixes bug 24245; bugfix on 0.2.9.4-alpha. Also tracked
+      as TROVE-2017-010 and CVE-2017-8820.
+
diff --git a/src/or/protover.c b/src/or/protover.c

index 0a4d4fb8fd0a2b0ac64f96e2a50555e8932d19f0..98957cabdf04870b593ba4d55c702f146e05501c 100644 (file)
--- a/src/or/protover.c
+++ b/src/or/protover.c
@@ -694,6 +694,11 @@ protocol_list_contains(const smartlist_t *protos,
  const char *
  protover_compute_for_old_tor(const char *version)
  {
+  if (version == NULL) {
+    /* No known version; guess the oldest series that is still supported. */
+    version = "0.2.5.15";
+  }
+
    if (tor_version_as_new_as(version,
                              FIRST_TOR_VERSION_TO_ADVERTISE_PROTOCOLS)) {
      return "";
author	Nick Mathewson <nickm@torproject.org>
	Sat, 11 Nov 2017 18:56:35 +0000 (13:56 -0500)
committer	Nick Mathewson <nickm@torproject.org>
	Mon, 27 Nov 2017 20:16:30 +0000 (15:16 -0500)
changes/trove-2017-010	[new file with mode: 0644]	patch \| blob
src/or/protover.c		patch \| blob \| blame \| history