[tor-bugs] #22746 [Core Tor/Tor]: CID 1413651: No retval check in ed25519_donna_blind_public_key()
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jun 28 11:03:17 UTC 2017
#22746: CID 1413651: No retval check in ed25519_donna_blind_public_key()
------------------------------+--------------------------------
 Reporter:  asn               |          Owner:
     Type:  defect            |         Status:  new
 Priority:  Medium            |      Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor      |        Version:
 Severity:  Normal            |       Keywords:  coverity
Actual Points:                |      Parent ID:
   Points:  0.1               |       Reviewer:
  Sponsor:  SponsorR-can      |
------------------------------+--------------------------------
{{{
/src/ext/ed25519/donna/ed25519_tor.c: 307 in ed25519_donna_blind_public_key()
301 ed25519_donna_gettweak(tweak, param);
302 expand256_modm(t, tweak, 32);
303
304 /* No "ge25519_unpack", negate the public key. */
305 memcpy(pkcopy, inp, 32);
306 pkcopy[31] ^= (1<<7);
>>> CID 1413651: Error handling issues (CHECKED_RETURN)
>>> Calling "ge25519_unpack_negative_vartime" without checking return value (as is done elsewhere 4 out of 5 times).
307 ge25519_unpack_negative_vartime(&A, pkcopy);
308
309 /* A' = [tweak] * A + [0] * basepoint. */
310 ge25519_double_scalarmult_vartime(&Aprime, &A, t, zero);
311 ge25519_pack(out, &Aprime);
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22746>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
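
Added example (not part of the ticket, and not Tor or ed25519-donna code): why an unpack call like the one flagged at line 307 has a result worth checking. This Python code decodes points the way RFC 8032 specifies and shows that many 32-byte strings are not curve points, so a caller that ignores the decode result goes on to compute with a meaningless value; all function names are hypothetical and the small-y inputs are constructed.

```python
# Added illustration, not Tor or ed25519-donna code: RFC 8032 (section 5.1.3)
# point decoding over GF(2^255 - 19). All names here are hypothetical.
P = 2**255 - 19
D = (-121665 * pow(121666, P - 2, P)) % P    # Edwards curve constant d
SQRT_M1 = pow(2, (P - 1) // 4, P)            # a square root of -1 mod P

def unpack(pk: bytes):
    """Return (x, y) for a valid encoding, or None when decoding fails."""
    if len(pk) != 32:
        return None
    y = int.from_bytes(pk, "little")
    sign, y = y >> 255, y & ((1 << 255) - 1)
    if y >= P:
        return None                          # non-canonical y
    u, v = (y * y - 1) % P, (D * y * y + 1) % P
    # Candidate root of x^2 = u/v, computed without a separate inversion.
    x = u * pow(v, 3, P) * pow(u * pow(v, 7, P), (P - 5) // 8, P) % P
    if (v * x * x - u) % P:
        x = x * SQRT_M1 % P                  # second candidate root
    if (v * x * x - u) % P:
        return None                          # u/v is not a square: no such point
    if x == 0 and sign:
        return None
    return (P - x if (x & 1) != sign else x, y)

def negate_encoding(pk: bytes) -> bytes:
    """Flip the sign bit of x, like `pkcopy[31] ^= (1<<7)` in the report."""
    return pk[:31] + bytes([pk[31] ^ 0x80])

def checked_unpack_negative(pk: bytes):
    """Decode -A, raising instead of continuing when pk is not a point."""
    point = unpack(negate_encoding(pk))
    if point is None:
        raise ValueError("public key does not decode to a curve point")
    return point

def undecodable_small_y(limit: int = 64):
    """Constructed inputs: encodings of y = 2..limit-1 that are not points."""
    return [y for y in range(2, limit)
            if unpack(y.to_bytes(32, "little")) is None]

if __name__ == "__main__":
    base = bytes([0x58]) + bytes([0x66]) * 31   # standard Ed25519 base point
    print(checked_unpack_negative(base))
    print(undecodable_small_y())
```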