Re: [tor-bugs] #27741 [Core Tor/Tor]: too many arguments in rust protover_compute_vote()
#27741: too many arguments in rust protover_compute_vote()
-------------------------------------------------+-------------------------
 Reporter:  cyberpunks                           |          Owner:  nickm
     Type:  defect                               |         Status:  needs_review
 Priority:  Medium                               |      Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor                         |        Version:  Tor: 0.3.3.6
 Severity:  Normal                               |     Resolution:
 Keywords:  035-must, protover, memory-safety,   |  Actual Points:
  033-backport, 034-backport                     |
Parent ID:  #27739                               |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Comment (by teor):
Replying to [comment:8 cyberpunks]:
> If #27273 were fixed and there were rust + asan CI runs, would asan have
> probably caught this?

Probably not:
 * ASAN monitors RAM accesses, and the first few arguments are almost
   always passed in registers
 * ASAN can only find out of bounds accesses past a certain number of
   bytes. 1 byte or 1 word might not be far enough.

Here are some things that probably would have caught the bug:
 * using automated Rust to C function prototype generation (I'm sure we
   have a ticket for this, but I can't find it right now)
 * C to Rust unit tests (maybe depends on #25386?), if the values in the
   uninitialised register weren't always zero, or if the architecture
   poisons uninitialised registers
 * fuzzing C against Rust (#27229), if the values in the uninitialised
   register weren't always zero, or if the architecture poisons
   uninitialised registers
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27741#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
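
Added example, not part of teor's comment or Tor's code base: a CI-style check in the spirit of the first suggestion above, comparing the argument count of each C prototype against the matching Rust `extern "C"` definition. It is a simplified regex comparison rather than real prototype generation, it checks arity only (not types), and every function name and signature in the sample input is constructed for illustration.

```python
import re

# Constructed sample inputs (hypothetical names, not Tor's real prototypes).
C_HEADER = '''
char *demo_compute_vote(const smartlist_t *votes, int threshold);
int demo_is_supported(const char *list);
void demo_init(void);
'''
RUST_SRC = '''
#[no_mangle]
pub extern "C" fn demo_compute_vote(votes: *const Stringlist, threshold: c_int,
                                    allow_long_names: bool) -> *mut c_char { todo!() }
#[no_mangle]
pub extern "C" fn demo_is_supported(list: *const c_char) -> c_int { 0 }
#[no_mangle]
pub extern "C" fn demo_init() {}
'''

C_PROTO = re.compile(r"(\w+)\s*\(([^()]*)\)\s*;")
RUST_FN = re.compile(r'extern\s+"C"\s+fn\s+(\w+)\s*\(([^()]*)\)')

def count_args(arglist):
    """Count comma-separated parameters; `(void)` and `()` both mean zero."""
    parts = [p.strip() for p in arglist.split(",")]
    return len([p for p in parts if p and p != "void"])

def arities(pattern, text):
    """Map each function name matched by `pattern` to its parameter count."""
    return {m.group(1): count_args(m.group(2)) for m in pattern.finditer(text)}

def arity_mismatches(c_header, rust_src):
    """Return (name, c_argc, rust_argc) for functions declared on both sides
    whose argument counts differ. Limitation: the regexes do not handle
    function-pointer parameters or generic types containing commas."""
    c, r = arities(C_PROTO, c_header), arities(RUST_FN, rust_src)
    return sorted((n, c[n], r[n]) for n in c.keys() & r.keys() if c[n] != r[n])

if __name__ == "__main__":
    problems = arity_mismatches(C_HEADER, RUST_SRC)
    for name, c_argc, rust_argc in problems:
        print(f"{name}: C declares {c_argc} args, Rust defines {rust_argc}")
    raise SystemExit(1 if problems else 0)
```

Unlike the unit-test and fuzzing options, a static comparison like this does not depend on what value happens to be in the unpassed register.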