#21278: Avoid signed integer underflow when comparing versions (Fix TROVE-2017-001)
--------------------------+------------------------------------
 Reporter:  nickm         |          Owner:  nickm
     Type:  defect        |         Status:  needs_revision
 Priority:  Medium        |      Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:  029-backport  |  Actual Points:
Parent ID:                |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------
Changes (by teor):

 * status:  needs_review => needs_revision

Comment:

 Replying to [comment:11 nickm]:
 > Okay. So here's where we stand:
 >
 > * I have a `bug21278_024_v4` that has only the minimal fix for the integer issue. I propose that it go into 0.2.4.

 This is ok, as anyone on a private network can stop their own relays misbehaving.

 `make check` passes for me on macOS 10.12 i386 and x86_64.

 > * I have a `bug21278_redux_029` that blocks the bogus versions at the directory level, and includes a changes file and roger's function documentation. I propose that it go into 0.2.9.

 This refuses to compile for me with:
 {{{
 src/or/routerparse.c:5555:32: error: comparison of unsigned enum expression < 0 is always false [-Werror,-Wtautological-compare]
     router_version->status < 0 ||
 }}}
 on:
 {{{
 clang -arch i386 --version >&5
 clang version 3.9.1 (tags/RELEASE_391/final)
 Target: i386-apple-darwin16.4.0
 Thread model: posix
 }}}
 The 64-bit arch compiles and passes `make check test-network-all`.

 I don't know what the extra newline is doing in f1c2cea165, but that's a nitpick.

 The changes file in 1ff289a745 includes trailing whitespace.

 > * I agree that it's okay to merge bug21278_024_v2_extra to 0.2.9. I have a `bug21278_extra_029` branch to port those forward. I'm okay with taking that in 0.2.9 or 0.3.0.

 I think 029, in case there is a security issue here.

 `make check test-network-all` passes for me on macOS 10.12 i386 and x86_64.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21278#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online