[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #22746 [Core Tor/Tor]: CID 1413651: No retval check in ed25519_donna_blind_public_key()

Subject: [tor-bugs] #22746 [Core Tor/Tor]: CID 1413651: No retval check in ed25519_donna_blind_public_key()
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 28 Jun 2017 11:03:17 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 28 Jun 2017 07:03:31 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#22746: CID 1413651:  No retval check in ed25519_donna_blind_public_key()
------------------------------+--------------------------------
     Reporter:  asn           |      Owner:
         Type:  defect        |     Status:  new
     Priority:  Medium        |  Milestone:  Tor: 0.3.2.x-final
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:  coverity
Actual Points:                |  Parent ID:
       Points:  0.1           |   Reviewer:
      Sponsor:  SponsorR-can  |
------------------------------+--------------------------------
 {{{
 /src/ext/ed25519/donna/ed25519_tor.c: 307 in
 ed25519_donna_blind_public_key()
 301       ed25519_donna_gettweak(tweak, param);
 302       expand256_modm(t, tweak, 32);
 303
 304       /* No "ge25519_unpack", negate the public key. */
 305       memcpy(pkcopy, inp, 32);
 306       pkcopy[31] ^= (1<<7);
 >>>     CID 1413651:  Error handling issues  (CHECKED_RETURN)
 >>>     Calling "ge25519_unpack_negative_vartime" without checking return
 value (as is done elsewhere 4 out of 5 times).
 307       ge25519_unpack_negative_vartime(&A, pkcopy);
 308
 309       /* A' = [tweak] * A + [0] * basepoint. */
 310       ge25519_double_scalarmult_vartime(&Aprime, &A, t, zero);
 311       ge25519_pack(out, &Aprime);
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22746>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #22746 [Core Tor/Tor]: CID 1413651: No retval check in ed25519_donna_blind_public_key()
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #22746 [Core Tor/Tor]: CID 1413651: No retval check in ed25519_donna_blind_public_key()
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #22746 [Core Tor/Tor]: CID 1413651: No retval check in ed25519_donna_blind_public_key()
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #22746 [Core Tor/Tor]: CID 1413651: No retval check in ed25519_donna_blind_public_key()
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #22746 [Core Tor/Tor]: CID 1413651: No retval check in ed25519_donna_blind_public_key()
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #22683 [Metrics/Metrics website]: adapt metrics-web to metrics-lib 2.0.0/1.9.0 changes
Next by Author: Re: [tor-bugs] #22753 [Core Tor/Tor]: Resolve TROVE-2017-006: Regression in guard family avoidance in 0.3.0 series
Previous by thread: Re: [tor-bugs] #22745 [Core Tor/Tor]: Establish policy for writing regression tests
Next by thread: Re: [tor-bugs] #22746 [Core Tor/Tor]: CID 1413651: No retval check in ed25519_donna_blind_public_key()
Index(es):
- Author
- Thread