Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Trac Trac
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Service Desk
    • Milestones
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Wiki
    • Wiki
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • Legacy
  • TracTrac
  • Issues
  • #11649
Closed (moved) (moved)
Open
Created Apr 29, 2014 by Nick Mathewson@nickm🐛

Memory leak when parsing broken microdescriptors

When we're parsing microdescriptors, we don't clear the dynamically allocated part of the tokens after parsing. This can leak memory if the microdescriptors are badly formed.

This can enable a comparatively slow denial of service (on the order of several MB per MD download request made to a hostile source), and needs to be patched.

Found as a needle in the haystack of #11618 (moved).

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking