[tor-bugs] #17796 [Tor]: Make crypto_digest_t allocated using minimal memory

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Dec 21 22:39:45 UTC 2015


#17796: Make crypto_digest_t allocated using minimal memory
--------------------+------------------------------------
 Reporter:  nickm   |          Owner:
     Type:  defect  |         Status:  needs_review
 Priority:  Low     |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor     |        Version:
 Severity:  Normal  |     Resolution:
 Keywords:          |  Actual Points:
Parent ID:          |         Points:
  Sponsor:          |
--------------------+------------------------------------

Comment (by teor):

 In crypto_digest_get_digest, this block is now unreachable:
 {{{
     default:
       log_warn(LD_BUG, "Called with unknown algorithm %d",
                digest->algorithm);
       /* If fragile_assert is not enabled, then we should at least not
        * leak anything. */
       memwipe(r, 0xff, sizeof(r));
       memwipe(&tmpenv, 0, sizeof(crypto_digest_t));
       tor_fragile_assert();
       break;
 }}}
 as this line will assert before the default case is reached:
 {{{
   const size_t alloc_bytes = crypto_digest_alloc_bytes(digest->algorithm);
 }}}

 If it wasn't unreachable, this one remaining instance of
 `sizeof(crypto_digest_t)` could write into unallocated memory:
 {{{
       memwipe(&tmpenv, 0, sizeof(crypto_digest_t));
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17796#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
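
The size mismatch discussed in the comment above, as an added C example that is not part of the ticket and not Tor's code: an object allocated with only the bytes its algorithm needs must be wiped with that same per-algorithm size, not the `sizeof` of the full type. `digest_obj_t`, `alg_t`, the state sizes and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical stand-in for a tagged digest object; not Tor's definitions. */
typedef enum { ALG_SMALL = 0, ALG_LARGE = 1 } alg_t;
typedef struct {
  alg_t algorithm;
  union {
    unsigned char small_state[96];   /* constructed sizes */
    unsigned char large_state[208];
  } d;
} digest_obj_t;

/* Bytes needed for one algorithm: everything before the union plus only the
 * member in use. Returns 0 for an unknown tag so callers can refuse. */
size_t digest_alloc_bytes(alg_t alg) {
  switch (alg) {
    case ALG_SMALL: return offsetof(digest_obj_t, d) + sizeof(((digest_obj_t *)0)->d.small_state);
    case ALG_LARGE: return offsetof(digest_obj_t, d) + sizeof(((digest_obj_t *)0)->d.large_state);
    default:        return 0;
  }
}

/* Allocate only what the chosen algorithm needs. */
digest_obj_t *digest_new(alg_t alg) {
  size_t n = digest_alloc_bytes(alg);
  digest_obj_t *o = n ? calloc(1, n) : NULL;
  if (o) o->algorithm = alg;
  return o;
}

/* Wipe exactly the allocated bytes; the tag is read before it is cleared. */
void digest_wipe(digest_obj_t *o) {
  size_t n = digest_alloc_bytes(o->algorithm);
  volatile unsigned char *p = (volatile unsigned char *)o;
  while (n--) *p++ = 0;
}

/* Self-check: put the object in a full-size slot filled with 0xAA, wipe it,
 * and confirm no byte past digest_alloc_bytes() was touched. */
int wipe_stays_in_bounds(alg_t alg) {
  digest_obj_t slot;
  unsigned char *p = (unsigned char *)&slot;
  size_t n = digest_alloc_bytes(alg), i;
  for (i = 0; i < sizeof(slot); i++) p[i] = 0xAA;
  slot.algorithm = alg;
  digest_wipe(&slot);
  for (i = 0; i < n; i++) if (p[i] != 0) return 0;
  for (i = n; i < sizeof(slot); i++) if (p[i] != 0xAA) return 0;
  return n != 0;
}
```

In this sketch the volatile loop stands in for a wipe routine that the compiler cannot elide.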

