[tor-bugs] #17658 [Tor]: Check buffer lengths and HMAC return value in crypto.c
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Nov 25 18:59:28 UTC 2015
#17658: Check buffer lengths and HMAC return value in crypto.c
--------------------+------------------------------------
Reporter: teor | Owner:
Type: defect | Status: needs_review
Priority: High | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
--------------------+------------------------------------
Comment (by nickm):
I like 1ece83aa and fe5f43b0 just fine, but the one with all the new
asserts looks maybe-wrong to me. The reason that we had to
tor_assert(len<INT_MAX) in some cases before was that we were about to
cast len to int in order to pass it to an openssl API that was written to
accept int rather than size_t.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17658#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list