[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #8793 [Tor]: Resolve clang scan-build issues



#8793: Resolve clang scan-build issues
------------------------+-------------------------------------------------
     Reporter:  nickm   |      Owner:  nickm
         Type:  defect  |     Status:  needs_review
     Priority:  normal  |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  tor-client 024-backport 025-triaged
Actual Points:          |  Parent ID:
       Points:          |
------------------------+-------------------------------------------------

Comment (by nickm):

 > * 0fd0f5f7a9309fb90a6a4d8bad7d6399a45c7cc1 looks like a definite win
 >          - Could the bug it fixes ever arise under attacker control?

 That depends on whether the LD_BUG messages it's fixing can actually
 occur.  They're not in any released Tor yet, though: They affect code that
 was added for 9841, though, which hasn't been in any Tor release yet.

 >        * 4d51dcda2fa75a3841e041ab7c3de325d73e2850
 >          - But at least in theory we could have a hash table that large
 on a 64-bit
 >            platform
 >          - The numeric overflow would still be present because
 name##_PRIMES[]
 >            would still be an unsigned int.

 Yes, but we multiply that uint by a size_t , which does an integer
 promotion.  So it it won't overflow on 64-bit.

 >        * 9c9e07963dddff6e11330e9dc8ad7a6d37da4aa4
 >          - This patch looks okay but it overallocates slightly in the
 common
 >            case.  Maybe malloc(len*2+ellipses+1) rather than
 malloc(len*2+4) ?

 I'm okay wasting 3 bytes when reporting a tt_mem_op() failure in the
 tests.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8793#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs