[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #26514 [Applications/Tor Browser]: intermittent updater failures on Win64 (Error 19)
#26514: intermittent updater failures on Win64 (Error 19)
--------------------------------------+--------------------------
Reporter: mcs | Owner: tbb-team
Type: defect | Status: new
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: TorBrowserTeam201807 | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by mcs):
Adding logging that occurred after the signature verification failed was
helpful and allowed Kathy and me to pin down the cause of this bug in an
ESR52-based Tor Browser (but so far not the root cause).
The reason the signature verification fails is because a byte from the MAR
file that should be skipped when computing the SHA-512 hash is included in
the stream of bytes that is provided as input to the NSS hashing code.
The reason the extra byte is included is because (it seems) there is a bug
in the stdio functions that are used inside
`modules/libmar/verify/mar_verify.c` to read the MAR file. The bug is that
the file offset is incorrect (functions such as `ftello()` return a value
that is off by one), and when the code inside
`mar_verify_signatures_for_fp()` uses `fseeko()` to skip past the embedded
signature, the resulting file position is wrong.
The wrong file position in turn causes one byte from the signature (which
should have been skipped) to be used as input to the SHA-512 hashing code.
Game over.
My Windows debugging skills are limited, especially when working with
optimized builds. Ideally someone who has some experience with mingw-w64
internals would investigate further. I am not sure if this bug occurs with
our ESR60-based Tor Browser builds; we could not reproduce it there but it
is intermittent. The libmar code has not been modified much at all but
maybe something has been fixed inside mingw-w64. Kathy and I implemented a
workaround; I will attach the patch (which we can make available in a git
repo if we decide to use it).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26514#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs