subject:"\[tor\-bugs\] #22626 \[Core Tor\/Tor\]\: Missing stream NULL check in tor_compress

Re: [tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

2017-06-20 Thread Tor Bug Tracker & Wiki

#22626: Missing stream NULL check in tor_compress_impl
---+
 Reporter:  teor   |  Owner:  ahf
 Type:  defect | Status:  closed
 Priority:  Medium |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor   |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal | Resolution:  fixed
 Keywords:  memory-safety  |  Actual Points:
Parent ID:  #22502 | Points:  1
 Reviewer: |Sponsor:
---+
Changes (by nickm):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 merged as part of #22502

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

2017-06-16 Thread Tor Bug Tracker & Wiki

#22626: Missing stream NULL check in tor_compress_impl
---+
 Reporter:  teor   |  Owner:  ahf
 Type:  defect | Status:  assigned
 Priority:  Medium |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor   |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal | Resolution:
 Keywords:  memory-safety  |  Actual Points:
Parent ID:  #22502 | Points:  1
 Reviewer: |Sponsor:
---+

Comment (by teor):

 Also, there is a fix for this in the branch in #22502, but it's not the
 tor_assert() fix.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

2017-06-16 Thread Tor Bug Tracker & Wiki

#22626: Missing stream NULL check in tor_compress_impl
---+
 Reporter:  teor   |  Owner:  ahf
 Type:  defect | Status:  assigned
 Priority:  Medium |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor   |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal | Resolution:
 Keywords:  memory-safety  |  Actual Points:
Parent ID:  #22502 | Points:  1
 Reviewer: |Sponsor:
---+

Comment (by teor):

 I wonder if it would be best to tor_assert() on UNKNOWN_METHOD, or BUG(),
 and then return a non-NULL state. An edge case where we don't check state
 correctly before calling could easily turn into a DoS bug.
 {{{
 case UNKNOWN_METHOD:
   goto err;
   }

   atomic_counter_add(_compress_allocation,
  sizeof(tor_compress_state_t));
   return state;

  err:
   tor_free(state);
   return NULL;
 }}}

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

2017-06-16 Thread Tor Bug Tracker & Wiki

#22626: Missing stream NULL check in tor_compress_impl
---+
 Reporter:  teor   |  Owner:
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor   |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal | Resolution:
 Keywords:  memory-safety  |  Actual Points:
Parent ID:  #22502 | Points:  1
 Reviewer: |Sponsor:
---+

Comment (by nickm):

 Probably asserting makes more sense?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

2017-06-15 Thread Tor Bug Tracker & Wiki

#22626: Missing stream NULL check in tor_compress_impl
---+
 Reporter:  teor   |  Owner:
 Type:  defect | Status:  new
 Priority:  Medium |  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor   |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal | Resolution:
 Keywords:  memory-safety  |  Actual Points:
Parent ID:  #22502 | Points:  1
 Reviewer: |Sponsor:
---+
Changes (by teor):

 * points:  0.1 => 1
 * parent:   => #22502


Comment:

 Given the number of times we don't check the output of tor_compress_new(),
 we should probably hard assert if it would return NULL, or check in all
 those places, or something?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

2017-06-15 Thread Tor Bug Tracker & Wiki

#22626: Missing stream NULL check in tor_compress_impl
--+
 Reporter:  teor  |  Owner:
 Type:  defect| Status:  new
 Priority:  Medium|  Milestone:  Tor: 0.3.1.x-final
Component:  Core Tor/Tor  |Version:  Tor: 0.3.1.1-alpha
 Severity:  Normal|   Keywords:  memory-safety
Actual Points:|  Parent ID:
   Points:  0.1   |   Reviewer:
  Sponsor:|
--+
 The second time we create a stream in tor_compress_impl, we don't check if
 it's NULL.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

Re: [tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

Re: [tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

Re: [tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

Re: [tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

[tor-bugs] #22626 [Core Tor/Tor]: Missing stream NULL check in tor_compress_impl

6 matches

Site Navigation

Mail list logo

Footer information