Context Navigation

← Previous Ticket
Next Ticket →

#667 closed Bug (fixed)

remote crash exploit in bencode parser

Reported by:	ghazel	Owned by:
Priority:	Highest	Milestone:	1.04
Component:	Transmission	Version:	1.03
Severity:	Blocker	Keywords:
Cc:

Description

When parsing a very deep bencoded message, Tranmission can get a stack overflow. That means an attacked can send a protocol extension message consisting of many "l" characaters, creating a very, very deep bencoded structure.

Tested and does crash Transmission

Change History (4)

comment:1 Changed 13 years ago by eisa01

Does this affect 1.02 too, or only the trunk?

comment:2 Changed 13 years ago by charles

It affects all versions up through, and including, 1.03

comment:3 Changed 13 years ago by charles

Severity changed from Critical to Blocker
Version changed from 1.02+ to 1.02

We're working on a fix for this for a quick 1.04 release.

comment:4 Changed 13 years ago by charles

Milestone changed from None Set to 1.04
Resolution set to fixed
Status changed from new to closed
Version changed from 1.02 to 1.03

1.0x: r4875 trunk: r4876

Note: See TracTickets for help on using tickets.

Download in other formats: