subject:"\[tor\-bugs\] #22563 \[Applications\/Tor Browser\]\: Many memory pages in tor.exe for Windows violate W\^X"

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

2017-11-09 Thread Tor Bug Tracker & Wiki

#22563: Many memory pages in tor.exe for Windows violate W^X
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  windows tor-client win32 tor-relay   |  Actual Points:
  security hardening 031-backport,   |
  TorBrowserTeam201707R, tbb-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 Here's a patch for the maint-7.0 branch:
 https://github.com/arthuredelstein/tor-browser-bundle/commit/22563+1

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

2017-09-01 Thread Tor Bug Tracker & Wiki

#22563: Many memory pages in tor.exe for Windows violate W^X
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  windows tor-client win32 tor-relay   |  Actual Points:
  security hardening 031-backport,   |
  TorBrowserTeam201707R, tbb-backport|
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:
 windows tor-client win32 tor-relay security hardening 031-backport,
 TorBrowserTeam201707R
 =>
 windows tor-client win32 tor-relay security hardening 031-backport,
 TorBrowserTeam201707R, tbb-backport


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

2017-07-31 Thread Tor Bug Tracker & Wiki

#22563: Many memory pages in tor.exe for Windows violate W^X
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  windows tor-client win32 tor-relay   |  Actual Points:
  security hardening 031-backport,   |
  TorBrowserTeam201707R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by boklm):

 I applied the `tor-browser-build` patch as commit
 373cf261bd190d69669d1545b2b99c5a09c66d15.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

2017-07-31 Thread Tor Bug Tracker & Wiki

#22563: Many memory pages in tor.exe for Windows violate W^X
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:  closed
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  windows tor-client win32 tor-relay   |  Actual Points:
  security hardening 031-backport,   |
  TorBrowserTeam201707R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 Okay, I applied both patches (commit
 2e5a0f5570f5b2ba0bf9d84cd74b6553407a0435 to `tor-browser-52.2.0esr-7.5-1`
 and commit b42927a08821f1e1d46267156c369e3b45379758 to `master`). However,
 we still need to retain a small part of the Tor Browser patch due to
 https://bugzilla.mozilla.org/show_bug.cgi?id=1372959. I added that one to
 `tor-browser-52.2.0esr-7.5-1` as well (commit
 84d370aab03e45fbafef90b0fd99153e45a1b64a).

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

2017-07-24 Thread Tor Bug Tracker & Wiki

#22563: Many memory pages in tor.exe for Windows violate W^X
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  windows tor-client win32 tor-relay   |  Actual Points:
  security hardening 031-backport,   |
  TorBrowserTeam201707R  |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by arthuredelstein):

 * keywords:
 windows tor-client win32 tor-relay security hardening 031-backport,
 TorBrowserTeam201707
 =>
 windows tor-client win32 tor-relay security hardening 031-backport,
 TorBrowserTeam201707R
 * status:  needs_revision => needs_review


Comment:

 Replying to [comment:7 gk]:
 > We are not using `rbm` for the alphas yet. Thus, we'd need a `Gitian`
 patch. Yes, giving what amounts to a compiler change some testing in our
 nightly/alpha builds first sounds like a good idea.

 > Moreover, it seems we get 7c90d5921bd2cb678eec09d05b10ce6fd13463bc as
 well with this mingw-w64 bump which allows us to get rid of one of our
 tor-browser patches I think. We should test that, too, while we are at it.

 Thanks for pointing that out. Here's a gitian patch and the corresponding
 tor-browser.git patch:
 https://github.com/arthuredelstein/tor-browser-bundle/commit/22563
 https://github.com/arthuredelstein/tor-browser/commit/22563

 But if we transition to rbm first, we can also use these two patches
 instead:
 https://github.com/arthuredelstein/tor-browser-build/commit/22563
 https://github.com/arthuredelstein/tor-browser/commit/22563

 Note I have had some trouble building the gitian build, but I will try
 again today. I'm pretty confident it will work as the rbm build worked for
 me.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

2017-07-14 Thread Tor Bug Tracker & Wiki

#22563: Many memory pages in tor.exe for Windows violate W^X
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  windows tor-client win32 tor-relay   |  Actual Points:
  security hardening 031-backport,   |
  TorBrowserTeam201707   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 Replying to [comment:10 arthuredelstein]:
 > My dear cypherpunk, maybe you would like to start that debate on the
 mingw-w64 discussion page? :)
 That debate has a very long history (see, e.g.
 https://sourceforge.net/p/mingw-w64/discussion/723797/thread/9e2995ab/).
 Don't you want to say some words to push the discussion forward? :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

2017-07-13 Thread Tor Bug Tracker & Wiki

#22563: Many memory pages in tor.exe for Windows violate W^X
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  windows tor-client win32 tor-relay   |  Actual Points:
  security hardening 031-backport,   |
  TorBrowserTeam201707   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by arthuredelstein):

 Replying to [comment:8 cypherpunks]:
 > As you "have stolen" this ticket from Core Tor :), it should be noted
 that the right fix for this bug is, as Jonathan Yong
 
[https://sourceforge.net/p/mingw-w64/discussion/723798/thread/2f2c014b/#e385/9720/259e
 suggested], to "Use proper dllimport/dllexport in your code to avoid auto-
 imports." To check that you should compile Tor with `--disable-auto-
 import` for MinGW-w64.

 Thanks for the good suggestion. I tried it but I already run into an error
 when openssl is building. Namely:
 {{{
 libcrypto.a(cryptlib.o):cryptlib.c:(.text+0x9): undefined reference to
 `__stack_chk_guard'
 libcrypto.a(cryptlib.o):cryptlib.c:(.text+0x48): undefined reference to
 `__stack_chk_guard'
 libcrypto.a(cryptlib.o):cryptlib.c:(.text+0xd4): undefined reference to
 `__stack_chk_guard'
 libcrypto.a(cryptlib.o):cryptlib.c:(.text+0xe4): undefined reference to
 `__stack_chk_guard'
 libcrypto.a(cryptlib.o):cryptlib.c:(.text+0x106): undefined reference to
 `__stack_chk_guard'
 libcrypto.a(cryptlib.o):cryptlib.c:(.text+0x264): more undefined
 references to `__stack_chk_guard' follow
 
/var/tmp/dist/mingw-w64/lib/gcc/i686-w64-mingw32/5.1.0/../../../../i686-w64-mingw32/bin/ld:
 libcrypto.a(cryptlib.o): bad reloc address 0x200 in section `.rdata'
 collect2: error: ld returned 1 exit status
 make[4]: *** [link_a.cygwin] Error 1
 }}}

 I did not investigate further, but my best guess is the -fstack-protector
 implementation (when used with mingw-w64) relies on auto-import. Looks
 like we would need an additional patch for gcc or mingw or someplace to
 fix this.

 > Arthur could also make Firefox compile with `--disable-auto-import` (and
 also explain Mozillians why not to use `-mnop-fun-dllimport`) and get
 another one bounty ;)

 Good point. I have opened #22917 to investigate this further. In the
 meantime I think we should go ahead with using the bumped version of
 mingw-w64 because it is working at least for now.

 > In general, MinGW-w64 should remove `--enable-auto-import` by default,
 because future releases of Windows can enforce security, and such tricks
 will fail. Maybe, Arthur, might explain MinGW-w64 guys that they shouldn't
 "fix" incompatible programs (by default at least) with this dirty hack,
 which Arthur made much less dirty!

 My dear cypherpunk, maybe you would like to start that debate on the
 mingw-w64 discussion page? :)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

2017-07-12 Thread Tor Bug Tracker & Wiki

#22563: Many memory pages in tor.exe for Windows violate W^X
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  windows tor-client win32 tor-relay   |  Actual Points:
  security hardening 031-backport,   |
  TorBrowserTeam201707   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by mcs):

 * cc: mcs (added)


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

2017-07-12 Thread Tor Bug Tracker & Wiki

#22563: Many memory pages in tor.exe for Windows violate W^X
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  windows tor-client win32 tor-relay   |  Actual Points:
  security hardening 031-backport,   |
  TorBrowserTeam201707   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-

Comment (by cypherpunks):

 As you "have stolen" this ticket from Core Tor :), it should be noted that
 the right fix for this bug is, as Jonathan Yong
 
[https://sourceforge.net/p/mingw-w64/discussion/723798/thread/2f2c014b/#e385/9720/259e
 suggested], to "Use proper dllimport/dllexport in your code to avoid auto-
 imports." To check that you should compile Tor with `--disable-auto-
 import` for MinGW-w64.
 Arthur could also make Firefox compile with `--disable-auto-import` (and
 also explain Mozillians why not to use `-mnop-fun-dllimport`) and get
 another one bounty ;)
 In general, MinGW-w64 should remove `--enable-auto-import` by default,
 because future releases of Windows can enforce security, and such tricks
 will fail. Maybe, Arthur, might explain MinGW-w64 guys that they shouldn't
 "fix" incompatible programs (by default at least) with this dirty hack,
 which Arthur made much less dirty! (Ask for bounty from all
 MinGW-w64-based software vendors ;)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

2017-07-12 Thread Tor Bug Tracker & Wiki

#22563: Many memory pages in tor.exe for Windows violate W^X
-+-
 Reporter:  arthuredelstein  |  Owner:
 |  arthuredelstein
 Type:  defect   | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:
Component:  Applications/Tor Browser |Version:
 Severity:  Normal   | Resolution:
 Keywords:  windows tor-client win32 tor-relay   |  Actual Points:
  security hardening 031-backport,   |
  TorBrowserTeam201707   |
Parent ID:   | Points:
 Reviewer:   |Sponsor:
-+-
Changes (by gk):

 * keywords:
 windows tor-client win32 tor-relay security hardening 031-backport,
 TorBrowserTeam201707R
 =>
 windows tor-client win32 tor-relay security hardening 031-backport,
 TorBrowserTeam201707
 * status:  needs_review => needs_revision
 * component:  Core Tor/Tor => Applications/Tor Browser
 * milestone:  Tor: 0.3.2.x-final =>


Comment:

 We are not using `rbm` for the alphas yet. Thus, we'd need a `Gitian`
 patch. Yes, giving what amounts to a compiler change some testing in our
 nightly/alpha builds first sounds like a good idea.

 Moreover, it seems we get 7c90d5921bd2cb678eec09d05b10ce6fd13463bc as well
 with this mingw-w64 bump which allows us to get rid of one of our tor-
 browser patches I think. We should test that, too, while we are at it.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

Re: [tor-bugs] #22563 [Applications/Tor Browser]: Many memory pages in tor.exe for Windows violate W^X

10 matches

Site Navigation

Mail list logo

Footer information