tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit f46f4562cf6f47fe6c00752f61b04dc18a454253
parent 1a0b5fd569684fc2d75436f7b3befcc5652c87e1
Author: Nick Mathewson <nickm@torproject.org>
Date:   Mon, 15 Mar 2021 08:41:03 -0400

Merge branch 'bug40286_disable_min_035' into maint-0.3.5

Diffstat:

Achanges/ticket40286_minimal | 5+++++


Msrc/feature/dirparse/unparseable.c | 6++++++


2 files changed, 11 insertions(+), 0 deletions(-)

diff --git a/changes/ticket40286_minimal b/changes/ticket40286_minimal
@@ -0,0 +1,5 @@
+  o Major bugfixes (denial of service):
+    - Disable the dump_desc() function that we used to dump unparseable
+      information to disk. It was called incorrectly in several places,
+      in a way that could lead to excessive CPU usage.
+      Fixes bug 40286; bugfix on 0.2.2.1-alpha.
diff --git a/src/feature/dirparse/unparseable.c b/src/feature/dirparse/unparseable.c
@@ -492,6 +492,12 @@ dump_desc,(const char *desc, const char *type))
 {
   tor_assert(desc);
   tor_assert(type);
+#ifndef TOR_UNIT_TESTS
+  /* On older versions of Tor we are disabling this function, since it
+   * can be called with strings that are far too long. */
+  if (1)
+    return;
+#endif
   size_t len;
   /* The SHA256 of the string */
   uint8_t digest_sha256[DIGEST256_LEN];