#19281: Potential heap corruption via `write_escaped_data` in control.c
-------------------------------------------------+-------------------------
Reporter: asn | Owner: nickm
Type: defect | Status: closed
Priority: High | Milestone: Tor:
| 0.3.2.x-final
Component: Core Tor/Tor | Version: Tor:
| unspecified
Severity: Normal | Resolution: fixed
Keywords: tor-bug-bounty, heap-correctness, | Actual Points:
disaster-waiting-to-happen, review-group-22 |
Parent ID: | Points: 0.5
Reviewer: dgoulet | Sponsor:
| SponsorV-can
-------------------------------------------------+-------------------------
Changes (by nickm):
* status: merge_ready => closed
* resolution: => fixed
Comment:
Yeah, I don't think this can happen either, but guido has a pretty good
track record, and we might as well fix all the stuff he found. Code
that's harmless today can become harmful tomorrow if somebody changes it
or copies under the assumption that it was correct to start with.
Merging to 0.3.2, no backport.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19281#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
