commit efb174df242adf964e383381d31b891c5f535f1f
parent 8e4965aa36d77aabb47b55eed69d7b9e23bef5d1
Author: Nick Mathewson <nickm@torproject.org>
Date: Mon, 15 Mar 2021 08:52:53 -0400
Merge branch 'maint-0.4.5'
Diffstat:
2 files changed, 11 insertions(+), 0 deletions(-)
diff --git a/changes/ticket40286_minimal b/changes/ticket40286_minimal
@@ -0,0 +1,5 @@
+ o Major bugfixes (denial of service):
+ - Disable the dump_desc() function that we used to dump unparseable
+ information to disk. It was called incorrectly in several places,
+ in a way that could lead to excessive CPU usage.
+ Fixes bug 40286; bugfix on 0.2.2.1-alpha.
diff --git a/src/feature/dirparse/unparseable.c b/src/feature/dirparse/unparseable.c
@@ -497,6 +497,12 @@ dump_desc,(const char *desc, const char *type))
{
tor_assert(desc);
tor_assert(type);
+#ifndef TOR_UNIT_TESTS
+ /* On older versions of Tor we are disabling this function, since it
+ * can be called with strings that are far too long. */
+ if (1)
+ return;
+#endif
size_t len;
/* The SHA256 of the string */
uint8_t digest_sha256[DIGEST256_LEN];
