[tor-bugs] #17443 [Tor]: tor-gencert --passphrase-fd improperly checks for newline

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Feb 12 10:00:25 UTC 2016

#17443: tor-gencert --passphrase-fd improperly checks for newline
 Reporter:  junglefowl  |          Owner:
     Type:  defect      |         Status:  needs_review
 Priority:  Medium      |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor         |        Version:  Tor:
 Severity:  Normal      |     Resolution:
 Keywords:  crash       |  Actual Points:
Parent ID:              |         Points:
  Sponsor:              |

Comment (by cypherpunks):

 Replying to [comment:5 nickm]:
 > I've done a slightly different fix as branch bug17443 in my public
 repository at https://gitweb.torproject.org/nickm/tor.git/ .  Please
 IMO it would be better, with regards to readability, if the passphrase
 length was explicitly set to zero if no newline was found and do the
 pointer subtraction otherwise. Furthermore, `buf` is still uninitialized.
 Please initialize it to prevent future problems.

 A minor nitpick is the typo in the commit message (//Hnadle// instead of

 What about the argument against limiting the passphrase as made in
 [comment:2 comment 2] or is that for another ticket?

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17443#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list