[tor-bugs] #17799 [Core Tor/Tor]: Hash All PRNG output before use
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Apr 26 09:12:09 UTC 2016
#17799: Hash All PRNG output before use
-------------------------------+----------------------------------------
Reporter: teor | Owner: nickm
Type: defect | Status: needs_review
Priority: Medium | Milestone: Tor: 0.2.9.x-final
Component: Core Tor/Tor | Version: Tor: unspecified
Severity: Normal | Resolution:
Keywords: TorCoreTeam201604 | Actual Points:
Parent ID: | Points: small/medium-remaining
Reviewer: asn | Sponsor:
-------------------------------+----------------------------------------
Comment (by asn):
BTW, maybe we could rename the variables `n` and `sz` in
`shake_prng_getbytes_raw()` to something more readable? e.g.
`total_bytes_needed` and `n_bytes_to_extract`? There was already a serious
bug in that function so making its logic as clear as possible seems
worthwhile.
As another question, why do we use `mmap()` to allocate space for the
`shake_prng_t`? Couldn't we just use `tor_malloc()` which would get
translated to `mmap()` anyway if the requested space is big enough? Are we
doing it so that we can pass `MAP_PRIVATE` to `mmap()` or something?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17799#comment:40>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list