Opened 3 years ago

Closed 3 years ago

#24736 closed defect (fixed)

Clear the address when fascist_firewall_choose_address_base() can't find an address

Reported by: teor Owned by: teor
Priority: Medium Milestone: Tor: 0.2.9.x-final
Component: Core Tor/Tor Version: Tor:
Severity: Normal Keywords: ipv6, memory-safety, security-low, 028-backport, 029-backport, 030-backport, 031-backport, 032-backport
Cc: Actual Points: 0.2
Parent ID: #23975 Points: 0.2
Reviewer: Sponsor:


We should do this as a precaution, so we're not re-using an uninitialised address.

This is similar to #23874.

Child Tickets

Change History (2)

comment:1 Changed 3 years ago by teor

Keywords: 028-backport 029-backport 030-backport 031-backport 032-backport added
Milestone: Tor: 0.3.3.x-finalTor: 0.3.2.x-final
Status: assignedneeds_review

Please see my branch bug24736_028.

I think we might want to backport it to 0.2.8 and later as a precaution, even though I couldn't find any memory disclosures.

comment:2 Changed 3 years ago by nickm

Milestone: Tor: 0.3.2.x-finalTor: 0.2.9.x-final
Resolution: fixed
Status: needs_reviewclosed

Merged to 0.2.9 and forward; skipping 0.2.8 because it is EOL.

Note: See TracTickets for help on using tickets.