[tor-bugs] #17443 [Tor]: tor-gencert --passphrase-fd improperly checks for newline
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Oct 28 19:21:27 UTC 2015
#17443: tor-gencert --passphrase-fd improperly checks for newline
----------------------------+-----------------------------
Reporter: junglefowl | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Tor | Version: Tor: 0.2.7.4-rc
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Sponsor:
----------------------------+-----------------------------
How to trigger:
{{{
$ tor-gencert --create-identity-key --passphrase-fd 0 < /dev/null
}}}
It depends on your system what will happen now: assert, not enough memory,
or nothing.
This patch properly checks if memchr call returns NULL:
{{{
src/tools/tor-gencert.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c
index e833aa9..d4c8c0d 100644
--- a/src/tools/tor-gencert.c
+++ b/src/tools/tor-gencert.c
@@ -103,6 +103,10 @@ load_passphrase(void)
return -1;
}
cp = memchr(buf, '\n', n);
+ if (cp == NULL) {
+ log_err(LD_GENERAL, "Couldn't read from passphrase fd: missing
newline");
+ return -1;
+ }
passphrase_len = cp-buf;
passphrase = tor_strndup(buf, passphrase_len);
memwipe(buf, 0, sizeof(buf));
}}}
----
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17443>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list