[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #17443 [Tor]: tor-gencert --passphrase-fd improperly checks for newline
#17443: tor-gencert --passphrase-fd improperly checks for newline
------------------------+------------------------------------
Reporter: junglefowl | Owner:
Type: defect | Status: needs_review
Priority: Medium | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version: Tor: 0.2.7.4-rc
Severity: Normal | Resolution:
Keywords: crash | Actual Points:
Parent ID: | Points:
Sponsor: |
------------------------+------------------------------------
Comment (by cypherpunks):
Replying to [comment:5 nickm]:
> I've done a slightly different fix as branch bug17443 in my public
repository at https://gitweb.torproject.org/nickm/tor.git/ . Please
review?
>
IMO it would be better, with regards to readability, if the passphrase
length was explicitly set to zero if no newline was found and do the
pointer subtraction otherwise. Furthermore, `buf` is still uninitialized.
Please initialize it to prevent future problems.
A minor nitpick is the typo in the commit message (//Hnadle// instead of
//Handle//).
What about the argument against limiting the passphrase as made in
[comment:2 comment 2] or is that for another ticket?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17443#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs