Opened 3 years ago

Closed 3 years ago

#19127 closed defect (invalid)

Don't crash authorities with more than 254 shared random reveals

Reported by: teor Owned by:
Priority: Medium Milestone: Tor: 0.2.9.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-hs, 029-proposed, assert-crash
Cc: Actual Points: 0.5
Parent ID: #16943 Points: 0.5
Reviewer: Sponsor:

Description

Rather than asserting that a tor network never has more than 253 authorities, we could instead log when we truncate the number of reveals in the shared random hash.

As a consequential change, we should do this truncation as late as possible, so that the value assigned to srv->num_reveals is not truncated.

In any case, tor_assert(reveal_num < UINT8_MAX); is unnecessarily strict, it can be tor_assert(reveal_num <= UINT8_MAX);.

Please see my branch sr-no-crash on https://github.com/teor2345/tor.git for fixes to these issues.

Child Tickets

Change History (2)

comment:1 Changed 3 years ago by teor

Status: newneeds_review

comment:2 Changed 3 years ago by teor

Resolution: invalid
Status: needs_reviewclosed

Obsoleted by #19134, because the spec says 8 bytes of reveal_num, not 8 bits.

Note: See TracTickets for help on using tickets.