mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
Merge branch 'maint-0.3.5' into maint-0.4.4
This commit is contained in:
commit
7c19a4d924
8
changes/ticket40390
Normal file
8
changes/ticket40390
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
o Major bugfixes (security, defense-in-depth):
|
||||||
|
- Detect a wider variety of failure conditions from the OpenSSL RNG
|
||||||
|
code. Previously, we would detect errors from a missing RNG
|
||||||
|
implementation, but not failures from the RNG code itself.
|
||||||
|
Fortunately, it appears those failures do not happen in practice
|
||||||
|
when Tor is using OpenSSL's default RNG implementation.
|
||||||
|
Fixes bug 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as
|
||||||
|
TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.
|
@ -525,8 +525,8 @@ crypto_rand_unmocked(char *to, size_t n)
|
|||||||
/* We consider a PRNG failure non-survivable. Let's assert so that we get a
|
/* We consider a PRNG failure non-survivable. Let's assert so that we get a
|
||||||
* stack trace about where it happened.
|
* stack trace about where it happened.
|
||||||
*/
|
*/
|
||||||
tor_assert(r >= 0);
|
tor_assert(r == 1);
|
||||||
#endif /* defined(ENABLE_NSS) */
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
Loading…
Reference in New Issue
Block a user