[tor-bugs] #14013 [Core Tor/Tor]: base16_decode() API is inconsistent and error-prone
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jun 17 18:02:22 UTC 2016
#14013: base16_decode() API is inconsistent and error-prone
-----------------------------------+------------------------------------
Reporter: nickm | Owner: nikkolasg
Type: defect | Status: needs_revision
Priority: High | Milestone: Tor: 0.2.9.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: lorax, review-group-3 | Actual Points:
Parent ID: | Points: 1
Reviewer: dgoulet | Sponsor: SponsorS-can
-----------------------------------+------------------------------------
Changes (by nickm):
* status: merge_ready => needs_revision
Comment:
requested changes:
* require that destlen be less than SSIZE_MAX. Otherwise the cast in
base16_decode isn't safe.
* document what happens if destlen is greater than or less than
srclen/2.
*
{{{
+ ok = base16_decode(id, DIGEST_LEN, cp+strlen("id="),
+ strlen(cp)-strlen("id=")) != DIGEST_LEN ? 0 : 1;
}}}
would make more sense as `ok = (base16_decode(...) == DIGEST_LEN)`
* Why is the comparison in decode_hashed_passwords < rather than != ?
To consider:
* Should we make all of these functions clear the unused portion of the
output buffer?
* Is it possible that we missed any instances of base16_decode() ?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14013#comment:29>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list