- 04 Jan, 2017 1 commit
-
-
Karsten Loesing authored
-
- 20 Dec, 2016 1 commit
-
-
Nick Mathewson authored
This helps protect against bugs where any part of a buf_t's memory is passed to a function that expects a NUL-terminated input.
-
- 19 Dec, 2016 2 commits
-
-
Nick Mathewson authored
-
Nick Mathewson authored
In get_token(), we could read one byte past the end of the region. This is only a big problem in the case where the region itself is (a) potentially hostile, and (b) not explicitly nul-terminated. This patch fixes the underlying bug, and also makes sure that the one remaining case of not-NUL-terminated potentially hostile data gets NUL-terminated. Fix for bug 21018, TROVE-2016-12-002, and CVE-2016-1254
-
- 09 Dec, 2016 1 commit
-
-
Karsten Loesing authored
-
- 07 Nov, 2016 1 commit
-
-
Karsten Loesing authored
-
- 05 Oct, 2016 1 commit
-
-
Karsten Loesing authored
-
- 07 Sep, 2016 1 commit
-
-
Karsten Loesing authored
-
- 12 Aug, 2016 1 commit
-
-
Karsten Loesing authored
-
- 18 Jul, 2016 1 commit
-
-
Karsten Loesing authored
-
- 05 Jul, 2016 1 commit
-
-
Nick Mathewson authored
-
- 03 Jul, 2016 1 commit
-
-
Sebastian Hahn authored
It had been a directory authority since 0.2.1.20.
-
- 12 Jun, 2016 1 commit
-
-
Karsten Loesing authored
-
- 09 May, 2016 1 commit
-
-
Karsten Loesing authored
-
- 07 Apr, 2016 1 commit
-
-
Karsten Loesing authored
-
- 04 Mar, 2016 1 commit
-
-
Karsten Loesing authored
-
- 11 Feb, 2016 2 commits
-
-
Nick Mathewson authored
-
Nick Mathewson authored
Issues noted by cypherpunks on #18162
-
- 04 Feb, 2016 1 commit
-
-
Karsten Loesing authored
-
- 27 Jan, 2016 1 commit
-
-
Nick Mathewson authored
This closes bug 18162; bugfix on a45b1315, which fixed a related issue long ago. In addition to the #18162 issues, this fixes a signed integer overflow in smarltist_add_all(), which is probably not so great either.
-
- 07 Jan, 2016 2 commits
-
-
This new identity key was changed on 18 November 2015.
-
Karsten Loesing authored
-
- 08 Dec, 2015 3 commits
-
-
Nick Mathewson authored
-
-
Nick Mathewson authored
There was a dead check when we made sure that an array member of a struct was non-NULL. Tor has been doing this check since at least 0.2.3, maybe earlier. Fixes bug 17781.
-
- 05 Dec, 2015 1 commit
-
-
Karsten Loesing authored
-
- 09 Oct, 2015 1 commit
-
-
Karsten Loesing authored
-
- 24 Sep, 2015 1 commit
-
-
Karsten Loesing authored
-
- 29 Jul, 2015 1 commit
-
-
Karsten Loesing authored
-
- 25 Jun, 2015 2 commits
-
-
Nick Mathewson authored
-
Nick Mathewson authored
-
- 09 Jun, 2015 2 commits
-
-
Karsten Loesing authored
-
Karsten Loesing authored
-
- 27 Apr, 2015 2 commits
-
-
Nick Mathewson authored
-
Nick Mathewson authored
-
- 24 Apr, 2015 2 commits
-
-
Karsten Loesing authored
-
Karsten Loesing authored
-
- 06 Apr, 2015 3 commits
-
-
Nick Mathewson authored
-
Nick Mathewson authored
-
Nick Mathewson authored
-