[tor-bugs] #17443 [Tor]: tor-gencert --passphrase-fd improperly checks for newline

[Tor Bug Tracker & Wiki]

#17443: tor-gencert --passphrase-fd improperly checks for newline
------------------------+------------------------------------
 Reporter:  junglefowl  |          Owner:
     Type:  defect      |         Status:  new
 Priority:  Medium      |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor         |        Version:  Tor: 0.2.7.4-rc
 Severity:  Normal      |     Resolution:
 Keywords:              |  Actual Points:
Parent ID:              |         Points:
  Sponsor:              |
------------------------+------------------------------------

Comment (by cypherpunks):

 I had this issue happen to me which resulted in a failed assertion. I
 created a similar fix before finding this ticket (and patch). Before
 creating my patch, i read the manual of tor-gencert which states that it
 stops reading when it encounters a NUL or a newline.

 IMO this is unnecessarily limiting. What if a user wants to use output
 from /dev/urandom as their passphrase? It would depend on the output of
 /dev/urandom how much of the data would be used as a passphrase. In the
 worst case the first character is a NUL or a newline byte.

 A better solution would be to read until EOF is encountered or the buffer
 limit is reached (currently at 1024 bytes). This would make the memchr
 call obsolete and would simplify the code.

 Also buf is uninitialized so when nothing is read on stdin, memchr reads
 into uninitialized memory.

 Lastly, how much is tor-gencert used (in comparison to tor --keygen)? Is
 it worth it to write tests for it?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17443#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online