[tor-bugs] #22746 [Core Tor/Tor]: CID 1413651: No retval check in ed25519_donna_blind_public_key()

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jun 28 11:03:17 UTC 2017


#22746: CID 1413651:  No retval check in ed25519_donna_blind_public_key()
------------------------------+--------------------------------
     Reporter:  asn           |      Owner:
         Type:  defect        |     Status:  new
     Priority:  Medium        |  Milestone:  Tor: 0.3.2.x-final
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:  coverity
Actual Points:                |  Parent ID:
       Points:  0.1           |   Reviewer:
      Sponsor:  SponsorR-can  |
------------------------------+--------------------------------
 {{{
 /src/ext/ed25519/donna/ed25519_tor.c: 307 in
 ed25519_donna_blind_public_key()
 301       ed25519_donna_gettweak(tweak, param);
 302       expand256_modm(t, tweak, 32);
 303
 304       /* No "ge25519_unpack", negate the public key. */
 305       memcpy(pkcopy, inp, 32);
 306       pkcopy[31] ^= (1<<7);
 >>>     CID 1413651:  Error handling issues  (CHECKED_RETURN)
 >>>     Calling "ge25519_unpack_negative_vartime" without checking return
 value (as is done elsewhere 4 out of 5 times).
 307       ge25519_unpack_negative_vartime(&A, pkcopy);
 308
 309       /* A' = [tweak] * A + [0] * basepoint. */
 310       ge25519_double_scalarmult_vartime(&Aprime, &A, t, zero);
 311       ge25519_pack(out, &Aprime);
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22746>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list