[tor-bugs] #33702 [Applications/Tor Browser]: RSA_get0_d could not be located in the dynamic link library tor.exe

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Apr 5 14:35:33 UTC 2020 

#33702: RSA_get0_d could not be located in the dynamic link library tor.exe
--------------------------------------+--------------------------
 Reporter:  ner0                      |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by ner0):

 Replying to [comment:26 teor]:
 > I also don't know why running Tor Browser once as an administrator fixes
 the issue.

 ----
 At first glance it seems to be a Microsoft "feature", but lets not lose
 focus that Tor is the actual issue. To the extent that Windows 10 is
 concerned, my testing had the following results in terms of DLL search
 order.

  * When running as current user, '\Windows\System32\' is searched first,
 then \Windows\, and so on.
  * When current user invokes "run as administrator", current folder is
 searched first.

 I can't really wrap my head around Microsoft's intention here, if the idea
 was to protect the user from potential system hijacking I would assume the
 OS to take the opposite approach since non-system files and folders would
 be easier to compromise, thus it would make much more sense for an
 elevated process to first search the system folder instead of an easily
 manipulable user folder. That aside, why does using "run as administrator"
 once fixes it for subsequent runs as a standard user? No clue.

 Anyway, one thing is sure, Firefox process itself handles DLL search order
 perfectly regardless of the elevation while Tor process does not. The
 earliest example is firefox.exe searching for the DLL version.dll inside
 Tor Browser's folder first before searching in \Windows\System32\,
 meanwhile tor.exe searches for all DLLs first in \Windows\System32\, then
 '\Windows\', etc. I think Tor should implement the approach mentioned
 before: [https://searchfox.org/mozilla-
 central/source/toolkit/mozapps/update/updater/loaddlls.cpp#8-29]

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33702#comment:28>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list