[tor-bugs] #22926 [Core Tor/Tor]: The Tor compression code can call functions that are NULL
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jul 14 18:33:30 UTC 2017
#22926: The Tor compression code can call functions that are NULL
------------------------------+--------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor | Version: Tor: 0.3.1.1-alpha
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: 1 | Reviewer:
Sponsor: |
------------------------------+--------------------------------
The new Tor compression code in 0.3.1 assumes that all the compression
functions are bound at runtime.
For example, tor_lzma_method_supported() returns 1 when HAVE_LZMA is
defined, but that doesn't mean that lzma_version_string() has actually
been bound to a non-NULL address in the binary.
This is more likely to happens when tor is used as a shared library rather
than linked as an executable (shadow, iOS), and when using weak, lazy
symbol binding.
This might not be an issue we can solve unless we check for all the
symbols being NULL at runtime. Maybe the responsibility for proper linking
is on people who are compiling tor with weak, lazy symbol binding.
This bug was discovered by Rob Jansen when running shadow.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22926>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list