[tor-bugs] #11242 [Tor Launcher]: Fragile version checks lead to unexpected out of date advisement erroneously
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 19 22:34:54 UTC 2014
#11242: Fragile version checks lead to unexpected out of date advisement
erroneously
--------------------------+-----------------------
Reporter: anon | Owner: brade
Type: defect | Status: new
Priority: major | Milestone:
Component: Tor Launcher | Version:
Keywords: | Actual Points:
Parent ID: | Points:
--------------------------+-----------------------
The check for a new Tor version opens a file on the file system for
version information comparison.
There are scenarios where this file may be written to by an old version,
or a exiting slowly version, as part of a TBB upgrade. (Or other scenarios
where users do things totally unexpected and not recommended.)
Thus: when checking for newer versions, an old version is referenced,
which will always claim to be out of date despite not being so.
---
Possible improvements:
If the version check including the version of the build of the
checker/writer somehow this condition would be avoided. Note that keeping
the version of the author/checker in the file itself could lead to race
conditions requiring some thought, while a version in the file path would
not conflict. (e.g. old and new write to version.txt compared to old write
to git-abcdef12-version.txt and new write to git-f00ff00f-version.txt)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11242>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list