Commit caf2d478 authored by Ian Goldberg

Catch up the ChangeLog

parent ecfd4f46
* src/proto.c (otrl_proto_accept_data):
* src/proto.c (otrl_proto_fragment_accumulate):
* src/proto.c (otrl_proto_fragment_create): Prevent integer
overflow on 64-bit architectures when receiving 4GB messages.
In several places in proto.c, the sizes of portions of incoming
messages were stored in variables of type int or unsigned int
instead of size_t. If a message arrives with very large
sizes (for example unsigned int datalen = UINT_MAX), then
constructions like malloc(datalen+1) will turn into malloc(0),
which on some architectures returns a non-NULL pointer, but
UINT_MAX bytes will get written to that pointer. Ensure all
calls to malloc or realloc cannot integer overflow like this.
Thanks to Markus Vervier of X41 D-Sec GmbH
<> for the report.
* Protocol-v3.html: Clarify that instance tags and fragment
numbers in the OTR fragment format are allowed to have leading
0s. Also fix that how to handle v2 versus v3 messages for the
Reveal Signature and Signature messages was missing. Thanks to
Ola Bini <> for the report.
* src/instag.c (otrl_instag_read_FILEp): Fix memory leak in
otrl_instag_read_FILEp if the tag file is malformed. Thanks to
Jean-Philippe Aumasson <> for the
* src/message.c (otrl_message_receiving):
* src/proto.c (otrl_proto_create_data): Set to NULL the sendsmp
pointer when handling SMP to avoid a potential free() of an
uninitialized pointer. Also ensure the message pointer is set
to NULL in otrl_proto_create_data for extra precaution and to
prevent future code paths from having the same error. Thanks to
Nicolas Guigo <> and Ben Hawkes
<> for the report.
* Protocol-v3.html: Typo fixes, thanks to Hannes Mehnert
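Review bot: The scope of the first entry is ambiguous. Its header names only otrl_proto_accept_data, otrl_proto_fragment_accumulate and otrl_proto_fragment_create, while the body says "Ensure all calls to malloc or realloc cannot integer overflow like this." The text places the int/unsigned int size variables "in several places in proto.c", so please state whether "all calls" means those three functions or all of proto.c, so that someone auditing the malloc(datalen+1) pattern knows what has been covered. Separately, the otrl_instag_read_FILEp entry ends at "for the" with no object, where the other entries end "for the report."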