[tor-bugs] #13538 [Tor]: Stop signed left shift overflows in curve25519-donna (non-64-bit)

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Oct 22 13:40:04 UTC 2014


#13538: Stop signed left shift overflows in curve25519-donna (non-64-bit)
---------------------------------------+----------------------------------
 Reporter:  teor                       |          Owner:
     Type:  defect                     |         Status:  new
 Priority:  normal                     |      Milestone:
Component:  Tor                        |        Version:  Tor: unspecified
 Keywords:  tor-router integer-safety  |  Actual Points:
Parent ID:                             |         Points:
---------------------------------------+----------------------------------
 Similarly to #13280, the curve25519-donna.c code contains some signed left
 shifts of negative numbers, which clang identifies as runtime errors.
 (This is only an issue with the generic code, not the 64-bit code.)

 Under -ftrapv, this causes a trap/crash.

 I've used a similar strategy to the one in #13280, where we automate the
 entire SHL32/SHL64 conversion using a perl script. The first commit sets
 up the macros.

 The safe SHL32/SHL64 macros perform potentially overflowing left shifts in
 unsigned arithmetic.

 I'll post a branch as soon as I've set up a change entry (for which I need
 the bug number).

 Version: tor 2.6.?-alpha
 git: fc5cab44724e8328e2186f22114625388f1c8f0d (Thu Oct 16 13:29:14 2014
 -0400)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13538>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
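
An added example, not code from the ticket or from Tor's branch: one way to write macros that do a potentially overflowing left shift in unsigned arithmetic, as the description says. The names SHL32/SHL64 come from the ticket; the definitions, the carry_limb() helper and the sample values are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed definitions (the ticket names the macros but does not show them).
 * Shifting a negative signed value left, or shifting a bit into the sign
 * position, is undefined behaviour in C. Unsigned shifts are defined
 * modulo 2^N. Converting the result back to a signed type is
 * implementation-defined rather than undefined, and wraps as two's
 * complement on gcc and clang. */
#define SHL32(v, n) ((int32_t)((uint32_t)(v) << (n)))
#define SHL64(v, n) ((int64_t)((uint64_t)(v) << (n)))

/* Constructed carry step in the style of signed-limb field arithmetic:
 * split *limb into a carry (multiple of 2^26) and a small remainder.
 * The carry can be negative, so "carry << 26" would be the kind of shift
 * that clang reports at run time. */
static int64_t carry_limb(int64_t *limb)
{
    int64_t carry = *limb / (INT64_C(1) << 26); /* truncates toward zero */
    *limb -= SHL64(carry, 26);                  /* safe for carry < 0 */
    return carry;
}

int main(void)
{
    int64_t limb = -201326597;                  /* constructed: -(3 * 2^26) - 5 */
    int64_t carry = carry_limb(&limb);

    printf("carry=%lld remainder=%lld\n", (long long)carry, (long long)limb);
    printf("SHL32(-1, 26)=%d\n", SHL32(-1, 26));
    printf("SHL32(1, 31)=%d\n", SHL32(1, 31));  /* overflow into the sign bit */
    return 0;
}
```

Replacing the SHL64() call with a plain `carry << 26` and building with clang's -fsanitize=undefined makes the runtime report appear for the negative carry.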

