Implicit time range assumption breaks Tor in Shadow
There is an assumption in src/common/tortls.c:582, in tor_tls_create_certificate:
time_t now = time(NULL);
start_time = crypto_rand_time_range(now - cert_lifetime, now) + 2*24*3600;
The assumption is that now is greater than cert_lifetime, which does not hold in Shadow because Shadow's simulated clock starts at 0, so now - cert_lifetime is negative. That negative lower bound is passed into crypto_rand_time_range, where it is later treated as an unsigned int; the value underflows (wraps to a huge number) and fails a bounds assertion.
This problem also exists in two other callers of crypto_rand_time_range:
add_an_entry_guard
entry_guards_parse_state
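The failure described above, and one way a caller can guard against it, as an added C example. This is not Tor's code and not the fix applied to it: `model_range_is_valid` only mirrors the ticket's description (the bounds check is done on the range treated as unsigned), the random source is a deterministic stand-in so the run is reproducible, and clamping the lower bound at 0 is an assumed remedy. It runs the naive caller's range computation against a Shadow-style small clock (`now = 100`) and against a realistic wall-clock value, then shows the clamped caller producing a valid range in both cases.

```c
#include <stdint.h>
#include <stdio.h>
#include <time.h>

/* Two days, as added to start_time in the quoted tor_tls_create_certificate line. */
#define START_SKEW (2 * 24 * 3600)

/* Deterministic stand-in for the random source (assumption, not Tor's RNG):
 * returns a value in [0, limit) so results below are reproducible. */
static uint64_t fake_rand_uint64(uint64_t limit)
{
    return limit / 2;
}

/* Models the bounds check the ticket describes: the bounds are treated as
 * unsigned, so a negative `min` wraps to a huge value and the check fails.
 * Returns 1 when the range is acceptable, 0 when the assertion would fire. */
static int model_range_is_valid(time_t min, time_t max)
{
    return (uint64_t)min < (uint64_t)max;
}

/* Model of a range-random helper; caller must have validated the range. */
static time_t model_rand_time_range(time_t min, time_t max)
{
    return min + (time_t)fake_rand_uint64((uint64_t)(max - min));
}

/* The lower bound exactly as the quoted caller computes it: negative when
 * now < cert_lifetime, e.g. under a simulated clock that started at 0. */
static time_t naive_lower_bound(time_t now, time_t cert_lifetime)
{
    return now - cert_lifetime;
}

/* Hardened caller (assumed remedy): clamp the lower bound at 0 and handle
 * the degenerate case where no range is left to randomise over. */
static time_t safe_cert_start_time(time_t now, time_t cert_lifetime)
{
    time_t lo = now - cert_lifetime;
    time_t base;

    if (lo < 0)
        lo = 0;                 /* clock started recently: floor at epoch 0 */

    if (lo >= now)
        base = now;             /* empty range: nothing to pick from */
    else
        base = model_rand_time_range(lo, now);

    return base + START_SKEW;
}

int main(void)
{
    const time_t lifetime = 24 * 3600;      /* one-day cert lifetime (constructed) */
    const time_t shadow_now = 100;          /* simulated clock shortly after 0 */
    const time_t real_now = 1700000000;     /* realistic wall-clock value */

    printf("naive, shadow clock : lower=%lld valid=%d\n",
           (long long)naive_lower_bound(shadow_now, lifetime),
           model_range_is_valid(naive_lower_bound(shadow_now, lifetime), shadow_now));
    printf("naive, real clock   : lower=%lld valid=%d\n",
           (long long)naive_lower_bound(real_now, lifetime),
           model_range_is_valid(naive_lower_bound(real_now, lifetime), real_now));
    printf("clamped, shadow clock: start=%lld\n",
           (long long)safe_cert_start_time(shadow_now, lifetime));
    printf("clamped, real clock  : start=%lld\n",
           (long long)safe_cert_start_time(real_now, lifetime));
    return 0;
}
```

The same clamp applies to the other two callers listed above: whatever lower bound they derive from `now` must be checked against 0 (or whatever floor the caller considers sane) before it is handed to crypto_rand_time_range, since the helper's own check cannot distinguish a negative bound from a very large one once the value is treated as unsigned.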