[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #2385 [Tor Hidden Services]: rendservice.c: cleanup stack stored key material

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #2385 [Tor Hidden Services]: rendservice.c: cleanup stack stored key material
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Sat, 16 Jun 2012 02:16:55 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 15 Jun 2012 22:17:08 -0400
In-reply-to: <051.1a59702fd95bbf92b9b22bda3ec5da12@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <051.1a59702fd95bbf92b9b22bda3ec5da12@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#2385: rendservice.c: cleanup stack stored key material
-----------------------------------+----------------------------------------
    Reporter:  cypherpunks         |        Type:  defect             
      Status:  new                 |    Priority:  normal             
   Milestone:  Tor: 0.2.3.x-final  |   Component:  Tor Hidden Services
     Version:                      |    Keywords:  audit              
      Parent:                      |      Points:                     
Actualpoints:                      |  
-----------------------------------+----------------------------------------

Comment(by andrea):

 The following instances of keys and key-derived material on the stack or
 heap occur.  Whenever on the stack, we must be sure they are zeroed before
 the function returns.  Whenever on the heap, zero before they are freed.

  * rendclient.c:
    * rend_client_send_introduction() (line 124)
      * Payload contains hashed key on stack
    * rend_client_refetch_v2_renddesc() (line 624)
      * Descriptor ID on stack
    * rend_client_receive_rendezvous() (line 844)
      * Descriptor cookie and keys on stack
    * rend_parse_service_authorization() (line 1167)
      * Descriptor cookie on heap
  * rendservice.c:
    * rend_service_load_keys() (line 615)
      * Keys allocated on the heap
      * Descriptor cookies on the stack
    * rend_service_introduce() (line 1038)
      * Keys, digest, descriptor cookies on stack
    * rend_service_intro_has_opened() (line 1562)
      * Keys, digest on stack
    * rend_service_rendezvous_has_opened()
      * Descriptor cookie on stack

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2385#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #6174 [Tor Client]: De-kludgify marking circs as unsuitable for new streams
Next by Author: Re: [tor-bugs] #2385 [Tor Hidden Services]: rendservice.c: cleanup stack stored key material
Previous by thread: Re: [tor-bugs] #2385 [Tor Hidden Services]: rendservice.c: cleanup stack stored key material
Next by thread: Re: [tor-bugs] #2385 [Tor Hidden Services]: rendservice.c: cleanup stack stored key material
Index(es):
- Author
- Thread