[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #17658 [Tor]: Check buffer lengths and HMAC return value in crypto.c

Subject: Re: [tor-bugs] #17658 [Tor]: Check buffer lengths and HMAC return value in crypto.c
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 25 Nov 2015 18:59:28 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 25 Nov 2015 13:59:36 -0500
In-reply-to: <044.280a3d644e62dc348c2a7142058f1e7d@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.280a3d644e62dc348c2a7142058f1e7d@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#17658: Check buffer lengths and HMAC return value in crypto.c
--------------------+------------------------------------
 Reporter:  teor    |          Owner:
     Type:  defect  |         Status:  needs_review
 Priority:  High    |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor     |        Version:
 Severity:  Normal  |     Resolution:
 Keywords:          |  Actual Points:
Parent ID:          |         Points:
  Sponsor:          |
--------------------+------------------------------------

Comment (by nickm):

 I like 1ece83aa and fe5f43b0 just fine, but the one with all the new
 asserts looks maybe-wrong to me.  The reason that we had to
 tor_assert(len<INT_MAX) in some cases before was that we were about to
 cast len to int in order to pass it to an openssl API that was written to
 accept int rather than size_t.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17658#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #17658 [Tor]: Check buffer lengths and HMAC return value in crypto.c
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #17689 [general]: Depictor should use extra-info fields for download times
Next by Author: Re: [tor-bugs] #17658 [Tor]: Check buffer lengths and HMAC return value in crypto.c
Previous by thread: Re: [tor-bugs] #17658 [Tor]: Check buffer lengths and HMAC return value in crypto.c
Next by thread: Re: [tor-bugs] #17658 [Tor]: Check buffer lengths and HMAC return value in crypto.c
Index(es):
- Author
- Thread