[tor-bugs] #33545 [Core Tor/Tor]: assertion failure when "all zero" client auth key provided

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Mar 24 12:44:43 UTC 2020


#33545: assertion failure when "all zero" client auth key provided
--------------------------+----------------------------------------
 Reporter:  mcs           |          Owner:  (none)
     Type:  defect        |         Status:  closed
 Priority:  High          |      Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor  |        Version:  Tor: 0.4.4.0-alpha-dev
 Severity:  Normal        |     Resolution:  duplicate
 Keywords:  043-should    |  Actual Points:
Parent ID:                |         Points:
 Reviewer:  asn           |        Sponsor:
--------------------------+----------------------------------------

Comment (by nickm):

 Right.  There's another issue too: a big part of our investigation was to
 find out whether any other parts of our code might have another instance
 of this bug that could have been triggered _without_ authenticated control
 port access.  We looked hard and didn't find any such instances, but if we
 had, then TROVE-2020-003 would have been a higher severity, and would not
 have been a duplicate of this issue.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33545#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list