Opened 15 years ago
Closed 15 years ago
#667 closed Bug (fixed)
remote crash exploit in bencode parser
Reported by: | ghazel | Owned by: | |
---|---|---|---|
Priority: | Highest | Milestone: | 1.04 |
Component: | Transmission | Version: | 1.03 |
Severity: | Blocker | Keywords: | |
Cc: |
Description
When parsing a very deep bencoded message, Tranmission can get a stack overflow. That means an attacked can send a protocol extension message consisting of many "l" characaters, creating a very, very deep bencoded structure.
Tested and does crash Transmission
Change History (4)
comment:1 Changed 15 years ago by eisa01
comment:2 Changed 15 years ago by charles
It affects all versions up through, and including, 1.03
comment:3 Changed 15 years ago by charles
- Severity changed from Critical to Blocker
- Version changed from 1.02+ to 1.02
We're working on a fix for this for a quick 1.04 release.
comment:4 Changed 15 years ago by charles
- Milestone changed from None Set to 1.04
- Resolution set to fixed
- Status changed from new to closed
- Version changed from 1.02 to 1.03
Note: See
TracTickets for help on using
tickets.
Does this affect 1.02 too, or only the trunk?