[tbb-bugs] #26514 [Applications/Tor Browser]: intermittent updater failures on Win64 (Error 19)

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jul 23 07:31:10 UTC 2018

#26514: intermittent updater failures on Win64 (Error 19)
 Reporter:  mcs                       |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Very High                 |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201807      |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:

Comment (by gk):

 Replying to [comment:7 mcs]:
 > Adding logging that occurred after the signature verification failed was
 helpful and allowed Kathy and me to pin down the cause of this bug in an
 ESR52-based Tor Browser (but so far not the root cause).
 > The reason the signature verification fails is because a byte from the
 MAR file that should be skipped when computing the SHA-512 hash is
 included in the stream of bytes that is provided as input to the NSS
 hashing code.
 > The reason the extra byte is included is because (it seems) there is a
 bug in the stdio functions that are used inside
 `modules/libmar/verify/mar_verify.c` to read the MAR file. The bug is that
 the file offset is incorrect (functions such as `ftello()` return a value
 that is off by one), and when the code inside
 `mar_verify_signatures_for_fp()` uses `fseeko()` to skip past the embedded
 signature, the resulting file position is wrong.
 > The wrong file position in turn causes one byte from the signature
 (which should have been skipped) to be used as input to the SHA-512
 hashing code. Game over.
 > My Windows debugging skills are limited, especially when working with
 optimized builds. Ideally someone who has some experience with mingw-w64
 internals would investigate further. I am not sure if this bug occurs with
 our ESR60-based Tor Browser builds; we could not reproduce it there but it
 is intermittent. The libmar code has not been modified much at all but
 maybe something has been fixed inside mingw-w64.

 Aewsome work! I think we could test the latter hypothesis by recompiling
 an ESR52-based Tor Browser with the mingw-w64 toolchain we use for ESR60,
 no? If so, let's do that.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26514#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list