Loading changes/bug15064 0 → 100644 +4 −0 Original line number Diff line number Diff line o Major bugfixes (FreeBSD IPFW transparent proxy): - Fix address detection with FreeBSD transparent proxies, when "TransProxyType ipfw" is in use. Fixes bug 15064; bugfix on 0.2.5.4-alpha. changes/bug15205 0 → 100644 +5 −0 Original line number Diff line number Diff line o Major bugfixes (crash, OSX, security): - Fix a remote denial-of-service opportunity caused by a bug in OSX's _strlcat_chk() function. Fixes bug 15205; bug first appeared in OSX 10.9. src/common/compat.h +12 −0 Original line number Diff line number Diff line Loading @@ -224,6 +224,18 @@ extern INLINE double U64_TO_DBL(uint64_t x) { #define strncasecmp _strnicmp #define strcasecmp _stricmp #endif #if defined __APPLE__ /* On OSX 10.9 and later, the overlap-checking code for strlcat would * appear to have a severe bug that can sometimes cause aborts in Tor. * Instead, use the non-checking variants. This is sad. * * See https://trac.torproject.org/projects/tor/ticket/15205 */ #undef strlcat #undef strlcpy #endif #ifndef HAVE_STRLCAT size_t strlcat(char *dst, const char *src, size_t siz) ATTR_NONNULL((1,2)); #endif Loading src/or/connection_edge.c +2 −1 Original line number Diff line number Diff line Loading @@ -1531,7 +1531,8 @@ connection_ap_get_original_destination(entry_connection_t *conn, if (options->TransProxyType_parsed == TPT_PF_DIVERT) return destination_from_socket(conn, req); if (options->TransProxyType_parsed == TPT_DEFAULT) if (options->TransProxyType_parsed == TPT_DEFAULT || options->TransProxyType_parsed == TPT_IPFW) return destination_from_pf(conn, req); (void)conn; Loading Loading
changes/bug15064 0 → 100644 +4 −0 Original line number Diff line number Diff line o Major bugfixes (FreeBSD IPFW transparent proxy): - Fix address detection with FreeBSD transparent proxies, when "TransProxyType ipfw" is in use. Fixes bug 15064; bugfix on 0.2.5.4-alpha.
changes/bug15205 0 → 100644 +5 −0 Original line number Diff line number Diff line o Major bugfixes (crash, OSX, security): - Fix a remote denial-of-service opportunity caused by a bug in OSX's _strlcat_chk() function. Fixes bug 15205; bug first appeared in OSX 10.9.
src/common/compat.h +12 −0 Original line number Diff line number Diff line Loading @@ -224,6 +224,18 @@ extern INLINE double U64_TO_DBL(uint64_t x) { #define strncasecmp _strnicmp #define strcasecmp _stricmp #endif #if defined __APPLE__ /* On OSX 10.9 and later, the overlap-checking code for strlcat would * appear to have a severe bug that can sometimes cause aborts in Tor. * Instead, use the non-checking variants. This is sad. * * See https://trac.torproject.org/projects/tor/ticket/15205 */ #undef strlcat #undef strlcpy #endif #ifndef HAVE_STRLCAT size_t strlcat(char *dst, const char *src, size_t siz) ATTR_NONNULL((1,2)); #endif Loading
src/or/connection_edge.c +2 −1 Original line number Diff line number Diff line Loading @@ -1531,7 +1531,8 @@ connection_ap_get_original_destination(entry_connection_t *conn, if (options->TransProxyType_parsed == TPT_PF_DIVERT) return destination_from_socket(conn, req); if (options->TransProxyType_parsed == TPT_DEFAULT) if (options->TransProxyType_parsed == TPT_DEFAULT || options->TransProxyType_parsed == TPT_IPFW) return destination_from_pf(conn, req); (void)conn; Loading
