[tor-bugs] #13280 [Tor]: Stop signed left shift overflows in ed25519

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Sep 29 00:50:01 UTC 2014


#13280: Stop signed left shift overflows in ed25519
------------------------+--------------------------------
     Reporter:  teor    |      Owner:
         Type:  defect  |     Status:  needs_review
     Priority:  major   |  Milestone:  Tor: 0.2.6.x-final
    Component:  Tor     |    Version:  Tor: unspecified
   Resolution:          |   Keywords:  tor-router ed25519
Actual Points:          |  Parent ID:
       Points:          |
------------------------+--------------------------------

Comment (by nickm):

 I've attached a new version of my script... did your old patch miss
 fe_frombytes.c ?  My script added some shifts there, but I didn't seem
 them in your patches.  That and the hand-written change in
 ge_scalarmult_base.c were the only differences I detected.

 I've tried to split the patches up into human-generated and machine-
 generated portions in a new branch.  It's called "bug13280" in my public
 repository. (info at https://gitweb.torproject.org/nickm/tor.git )

 Additionally, I've run 'gcc -O2 -S' on master before and after applying
 this patch series, and found no changes in the generated assembly.  This
 is looking pretty safe to me now.  If it still looks okay to you, I'll
 merge it.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13280#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list