[tor-bugs] #27226 [Core Tor/Tor]: Crash in tortls/cert_matches_key with openssl 1.0.2p

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Aug 20 21:00:20 UTC 2018


#27226: Crash in tortls/cert_matches_key with openssl 1.0.2p
------------------------------+--------------------------------
     Reporter:  nickm         |      Owner:  (none)
         Type:  defect        |     Status:  new
     Priority:  High          |  Milestone:  Tor: 0.3.5.x-final
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:  034-must 029-
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+--------------------------------
 Our unit test, `tortls/cert_matches_key`, does some questionable stuff
 that is not compatible with openssl 1.0.2p.

 Namely, it calls `EVP_PKEY_asn1_new(999, 0, NULL, NULL)`, which now
 returns NULL.

 Looking at the test, I'm not sure what it's trying to do with this -- it's
 making a bogus public key method with a "compare" function that will
 always return "1".  Later, it's using this thing to construct bogus PKEY
 objects.

 This, like a lot of other tortls.c tests, is way too tightly coupled to
 openssl internals.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/27226>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list