[tor-bugs] #19152 [Core Tor/Tor]: use-after-free on failing RSA_generate_key_ex()
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 25 00:12:21 UTC 2016
#19152: use-after-free on failing RSA_generate_key_ex()
-------------------------------------------------+-------------------------
Reporter: nickm | Owner: nickm
Type: defect | Status:
Priority: Medium | needs_review
Component: Core Tor/Tor | Milestone: Tor:
Severity: Normal | 0.2.8.x-final
Keywords: 027-backport must-fix- | Version:
before-028-alpha | Resolution:
Parent ID: | Actual Points:
Reviewer: | Points:
| Sponsor:
-------------------------------------------------+-------------------------
Comment (by arma):
s/failes/fails/
"exactly when to"...?
The commit log starts with "let me walk through my analysis" rather than
explaining what the issue is or what the fix is. Re-using some of the text
from the changes file would be helpful, to give context to the person who
is reading (since you clearly are intending for people to read this commit
log). Like, you start talking about a non-engine case before I knew
engines were involved.
The patch itself looks good to me.
I've mailed the original bug reporter so he can look it over too if he
wants.
Thanks!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19152#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list