
Re: [tor-bugs] #26514 [Applications/Tor Browser]: intermittent updater failures on Win64 (Error 19)



#26514: intermittent updater failures on Win64 (Error 19)
--------------------------------------+--------------------------
 Reporter:  mcs                       |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Very High                 |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201807      |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by gk):

 Replying to [comment:7 mcs]:
 > Adding logging that occurred after the signature verification failed was
 > helpful and allowed Kathy and me to pin down the cause of this bug in an
 > ESR52-based Tor Browser (but so far not the root cause).
 >
 > The reason the signature verification fails is because a byte from the
 > MAR file that should be skipped when computing the SHA-512 hash is
 > included in the stream of bytes that is provided as input to the NSS
 > hashing code.
 >
 > The reason the extra byte is included is because (it seems) there is a
 > bug in the stdio functions that are used inside
 > `modules/libmar/verify/mar_verify.c` to read the MAR file. The bug is that
 > the file offset is incorrect (functions such as `ftello()` return a value
 > that is off by one), and when the code inside
 > `mar_verify_signatures_for_fp()` uses `fseeko()` to skip past the embedded
 > signature, the resulting file position is wrong.
 >
 > The wrong file position in turn causes one byte from the signature
 > (which should have been skipped) to be used as input to the SHA-512
 > hashing code. Game over.
 >
 > My Windows debugging skills are limited, especially when working with
 > optimized builds. Ideally someone who has some experience with mingw-w64
 > internals would investigate further. I am not sure if this bug occurs with
 > our ESR60-based Tor Browser builds; we could not reproduce it there but it
 > is intermittent. The libmar code has not been modified much at all but
 > maybe something has been fixed inside mingw-w64.

 Awesome work! I think we could test the latter hypothesis by recompiling
 an ESR52-based Tor Browser with the mingw-w64 toolchain we use for ESR60,
 no? If so, let's do that.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26514#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
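
The failure mode discussed in this comment, as an added example that is not part of the ticket or of libmar: hashing a file while skipping an embedded signature, with the skip window shifted by one byte to show why verification then fails. The file layout, the function names and the FNV-1a stand-in for SHA-512 are assumptions made for the illustration; the offset is counted from `fread()` results and cross-checked against stdio rather than taken from it.

```c
#include <stdint.h>
#include <stdio.h>
#define FNV_INIT 14695981039346656037ULL
/* Stand-in digest (FNV-1a, 64-bit) so the example needs no crypto library. */
static uint64_t fnv1a(uint64_t h, const unsigned char *p, size_t n) {
    while (n--) { h ^= *p++; h *= 1099511628211ULL; }
    return h;
}

/* Constructed sample, not the real MAR layout: header, signature, content. */
static const unsigned char SAMPLE[] = "HEADER01" "\xAA\xBB\xCC\xDD" "CONTENT1";
enum { SIG_OFF = 8, SIG_LEN = 4, TOTAL = sizeof SAMPLE - 1 };

/* Hash all bytes except SIG_LEN at SIG_OFF + skew (skew = 1: off by one).
   Offsets are counted from fread() and cross-checked against ftell(). */
int hash_skipping_sig(FILE *fp, long skew, uint64_t *out) {
    uint64_t h = FNV_INIT;
    unsigned char b;
    long pos = 0, start = SIG_OFF + skew;
    while (fread(&b, 1, 1, fp) == 1) {
        if (pos < start || pos >= start + SIG_LEN) h = fnv1a(h, &b, 1);
        pos++;
    }
    if (ftell(fp) != pos) return -1; /* fail closed on an offset mismatch */
    *out = h;
    return 0;
}

/* Digest of the sample after a round trip through a temp file; 0 on failure. */
uint64_t digest_with_skew(long skew) {
    uint64_t h = 0;
    FILE *fp = tmpfile();
    if (!fp) return 0;
    if (fwrite(SAMPLE, 1, TOTAL, fp) != (size_t)TOTAL || fseek(fp, 0, SEEK_SET) != 0
        || hash_skipping_sig(fp, skew, &h) != 0) h = 0;
    fclose(fp);
    return h;
}

/* Digest over header plus content only, i.e. what the signature covers. */
uint64_t expected_digest(void) {
    uint64_t h = fnv1a(FNV_INIT, SAMPLE, SIG_OFF);
    return fnv1a(h, SAMPLE + SIG_OFF + SIG_LEN, TOTAL - SIG_OFF - SIG_LEN);
}

int main(void) {
    printf("skew 0 verifies: %d\n", digest_with_skew(0) == expected_digest());
    printf("skew 1 verifies: %d\n", digest_with_skew(1) == expected_digest());
}
```

With a skew of one, the first signature byte enters the digest and the first content byte is dropped, so the computed value can never match what was signed.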