[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #21278 [Core Tor/Tor]: Avoid signed integer underflow when comparing versions (Fix TROVE-2017-001)

Subject: Re: [tor-bugs] #21278 [Core Tor/Tor]: Avoid signed integer underflow when comparing versions (Fix TROVE-2017-001)
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 14 Feb 2017 21:06:24 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 14 Feb 2017 16:06:33 -0500
In-reply-to: <045.5dd33e67f27439bd6b289ce7246d7331@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <045.5dd33e67f27439bd6b289ce7246d7331@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#21278: Avoid signed integer underflow when comparing versions (Fix TROVE-2017-001)
--------------------------+------------------------------------
 Reporter:  nickm         |          Owner:  nickm
     Type:  defect        |         Status:  needs_revision
 Priority:  Medium        |      Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:  029-backport  |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------

Comment (by nickm):

 > Am I remembering correctly that only recent Tor branches have put
 expensive-hardening on by default? That is, the earlier fix for this TROVE
 (i.e. disabling ftrapv) only went into 0.2.9.x and 0.3.0.x?

 This bug affects everybody who has trapv or ubsan turned on.  In
 0.2.9.1-alpha, we turned trapv on by default, which caused this bug to
 affect 0.2.9.1-alpha through 0.2.9.8.

 This bug will still affect all older versions if they have --enable-
 expensive-hardening turned on.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21278#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #21406 [Core Tor/Tor]: The channel is_client flag is inaccurate
Next by Author: [tor-bugs] #21495 [Core Tor/Tor]: Fix scan-build warning: true and false branches are identical
Previous by thread: Re: [tor-bugs] #21278 [Core Tor/Tor]: Avoid signed integer underflow when comparing versions (Fix TROVE-2017-001)
Next by thread: Re: [tor-bugs] #21278 [Core Tor/Tor]: Avoid signed integer underflow when comparing versions (Fix TROVE-2017-001)
Index(es):
- Author
- Thread