[tor-bugs] #23061 [Core Tor/Tor]: crypto_rand_double() should produce all possible outputs on 32-bit platforms
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jul 31 04:40:59 UTC 2017
#23061: crypto_rand_double() should produce all possible outputs on 32-bit
platforms
--------------------------+------------------------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.2.x-final
Component: Core | Version: Tor: 0.2.2.14-alpha
Tor/Tor |
Severity: Normal | Keywords: tor-relay, security-low, privcount
Actual Points: | Parent ID:
Points: 0.1 | Reviewer:
Sponsor: SponsorQ |
--------------------------+------------------------------------------------
On 32-bit platforms, crypto_rand_double() only produces 1 in every 2
million possible values between 0 and 1.
This happens because:
* crypto_rand_double() divides a random unsigned int by UINT_MAX
* an unsigned int on 32-bit platforms is 32 bits
* the mantissa on a double is 53 bits
So crypto_rand_double() doesn't fill the lower 21 bits with random values.
This makes the rep_hist_format_hs_stats() noise more predictable on 32-bit
platforms.
This fix shouldn't affect the unit tests, because they pass on 64-bit.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23061>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list