Commit 5ec57961 authored by Nick Mathewson's avatar Nick Mathewson 👁
Browse files

Merge branch 'maint-0.3.5' into maint-0.4.4

parents 2eb900f7 f078aab7
o Major bugfixes (security, denial of service):
- Fix a bug in appending detached signatures to a pending consensus
document that could be used to crash a directory authority.
Fixes bug 40316; bugfix on Tracked as
TROVE-2021-002 and CVE-2021-28090.
......@@ -3576,7 +3576,7 @@ dirvote_add_signatures_to_pending_consensus(
strlen(pc->body) + strlen(new_signatures) + 1;
pc->body = tor_realloc(pc->body, new_consensus_len);
dst_end = pc->body + new_consensus_len;
dst = strstr(pc->body, "directory-signature ");
dst = (char *) find_str_at_start_of_line(pc->body, "directory-signature ");
strlcpy(dst, new_signatures, dst_end-dst);
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment