[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #27730 [Core Tor/Tor]: CID 1439330: "st.st_size > 9223372036854775807L" is always false

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #27730 [Core Tor/Tor]: CID 1439330: "st.st_size > 9223372036854775807L" is always false
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 17 Sep 2018 23:58:23 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 17 Sep 2018 19:58:33 -0400
In-reply-to: <044.640626b65b726955e596c6f3ac018954@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.640626b65b726955e596c6f3ac018954@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#27730: CID 1439330: "st.st_size > 9223372036854775807L" is always false
--------------------------+------------------------------------
 Reporter:  teor          |          Owner:  nickm
     Type:  defect        |         Status:  closed
 Priority:  Medium        |      Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:  fixed
 Keywords:  coverity      |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------

Comment (by teor):

 Replying to [comment:3 cyberpunks]:
 > This check was completely redundant anyway, actually. There would be a
 potential memory leak here, where buf is non-null but the length is
 impossibly long, except it can't happen because even ignoring running out
 of ram, `read_file_to_str()` calls a function that
 [https://gitweb.torproject.org/tor.git/tree/src/lib/fs/files.c?id=f606b3cfd157dc52872e8b40a9a042861d9246e1#n186
 makes the same check against SSIZE_MAX already.]

 We don't mind a few redundant checks: they are a defence in depth. It's
 easy to forget to do a size check.

 Also, this cast might have unexpected results if off_t and ssize_t are
 different types:
 {{{
 (ssize_t)st.st_size
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27730#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #27730 [Core Tor/Tor]: CID 1439330: "st.st_size > 9223372036854775807L" is always false
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #10266 [HTTPS Everywhere/EFF-HTTPS Everywhere]: New rules for fanfiction sites
Next by Author: Re: [tor-bugs] #24393 [Core Tor/Tor]: Clients should check IPv4 and IPv6 subnets when choosing circuit paths
Previous by thread: Re: [tor-bugs] #27730 [Core Tor/Tor]: CID 1439330: "st.st_size > 9223372036854775807L" is always false
Next by thread: [tor-bugs] #27731 [Core Tor/Tor]: tor restart loop: "The missing protocols are: LinkAuth=1"
Index(es):
- Author
- Thread