[tor-qa] Introducing hardened builds for 64bit Linux

Jurre van Bergen drwhax at 2600nl.net
Sat Oct 31 23:51:44 UTC 2015 


On 11/01/2015 12:25 AM, Jurre van Bergen wrote:
>
> On 10/21/2015 02:54 PM, Georg Koppen wrote:
>> Hi,
>>
>> we are about to start a hardened Tor Browser series and the first
>> nightly for it is ready to get tested (on 64bit Linux systems):
>>
>> https://people.torproject.org/~gk/testbuilds/tor-browser-linux64-tbb-nightly-hardened_ALL.tar.xz
>> https://people.torproject.org/~gk/testbuilds/tor-browser-linux64-tbb-nightly-hardened_ALL.tar.xz.asc
>>
>> Its major features are:
>>
>> 1) expensive hardening for tor (ASan, UBSan...)
>> 2) ASan for the browser
>> 3) the locales we ship/support are included in one bundle allowing to
>> choose the locale for Tor Browser on start-up
>>
>> We plan to have something like 3) for the regular alpha and stable
>> series in the (near) future as well. Thus, testing it and providing
>> feedback is extra welcome.
>>
>>
> I experience a crash of Tor when I try to go to a new generated tor
> hidden service with just a default apache2 page from Debian Jessie.
>
> I run Debian Jessie: Linux boardsofcanada 3.16.0-4-amd64 #1 SMP Debian
> 3.16.7-ckt11-1+deb8u4 (2015-09-19) x86_64 GNU/Linux
>
> This happens everytime when I try to go to this URL.
>
> Nov 01 00:12:30.000 [notice] Bootstrapped 85%: Finishing handshake with
> first hop
> Nov 01 00:12:30.000 [notice] New control connection opened from 127.0.0.1.
> Nov 01 00:12:31.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
> Nov 01 00:12:31.000 [notice] Tor has successfully opened a circuit.
> Looks like client functionality is working.
> Nov 01 00:12:31.000 [notice] Bootstrapped 100%: Done
> console.error:
>   [CustomizableUI]
>   Custom widget with id loop-button does not return a valid node
> Nov 01 00:12:35.000 [notice] New control connection opened from 127.0.0.1.
> Nov 01 00:12:35.000 [notice] New control connection opened from 127.0.0.1.
> =================================================================
> ==15963==ERROR: AddressSanitizer: heap-use-after-free on address
> 0x60c0003fa4aa at pc 0x7f5804a9b94e bp 0x7ffcfe46a470 sp 0x7ffcfe46a468
> READ of size 20 at 0x60c0003fa4aa thread T0
> ASAN:SIGSEGV
> ==15963==AddressSanitizer: while reporting a bug found another one.
> Ignoring.

Same thing happens when I try to go to facebookcorewwwi.onion.
I have attached my GDB output.

Best,
Jurre
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tor.png
Type: image/png
Size: 317848 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-qa/attachments/20151101/faca1ec6/attachment-0001.png>

More information about the tor-qa mailing list