commit b9f65390089817a74bf20d93e93a15b41a970f79
parent fb2c889a388e85ca808e30106fd8a8194ed72f07
Author: Nick Mathewson <nickm@torproject.org>
Date: Mon, 15 Mar 2021 08:52:28 -0400
Merge branch 'maint-0.3.5' into maint-0.4.4
Diffstat:
2 files changed, 11 insertions(+), 0 deletions(-)
diff --git a/changes/ticket40286_minimal b/changes/ticket40286_minimal
@@ -0,0 +1,5 @@
+ o Major bugfixes (denial of service):
+ - Disable the dump_desc() function that we used to dump unparseable
+ information to disk. It was called incorrectly in several places,
+ in a way that could lead to excessive CPU usage.
+ Fixes bug 40286; bugfix on 0.2.2.1-alpha.
diff --git a/src/feature/dirparse/unparseable.c b/src/feature/dirparse/unparseable.c
@@ -497,6 +497,12 @@ dump_desc,(const char *desc, const char *type))
{
tor_assert(desc);
tor_assert(type);
+#ifndef TOR_UNIT_TESTS
+ /* On older versions of Tor we are disabling this function, since it
+ * can be called with strings that are far too long. */
+ if (1)
+ return;
+#endif
size_t len;
/* The SHA256 of the string */
uint8_t digest_sha256[DIGEST256_LEN];
