Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-13T15:43:04Zhttps://gitlab.torproject.org/legacy/trac/-/issues/31001Undefined behavior in tor_vasprintf()2020-06-13T15:43:04ZGeorge KadianakisUndefined behavior in tor_vasprintf()```
Overflowing a signed integer in C is an undefined behaviour.
It is possible to trigger this undefined behaviour in tor_asprintf on
Windows or systems lacking vasprintf.
On these systems, eiter _vscprintf or vsnprintf is called to re...```
Overflowing a signed integer in C is an undefined behaviour.
It is possible to trigger this undefined behaviour in tor_asprintf on
Windows or systems lacking vasprintf.
On these systems, eiter _vscprintf or vsnprintf is called to retrieve
the required amount of bytes to hold the string. These functions can
return INT_MAX. The easiest way to recreate this is the use of a
specially crafted configuration file, e.g. containing the line:
FirewallPorts AAAAA<in total 2147483610 As>
This line triggers the needed tor_asprintf call which eventually
leads to an INT_MAX return value from _vscprintf or vsnprintf.
The needed byte for \0 is added to the result, triggering the
overflow and therefore the undefined behaviour.
Casting the value to size_t before addition fixes the behaviour.
```Tor: 0.4.0.x-finalNick MathewsonNick Mathewsonhttps://gitlab.torproject.org/legacy/trac/-/issues/29706Test failure due to memory leaks in shared-random unit tests: long-term fix2020-06-13T15:39:11ZteorTest failure due to memory leaks in shared-random unit tests: long-term fixIn #29599 we fixed some leaks in the shared-random unit tests. But there are still some test failures.
The shared random state claims to take over ownership of SRVs passed to it using PUT. But it doesn't free them automatically: instead...In #29599 we fixed some leaks in the shared-random unit tests. But there are still some test failures.
The shared random state claims to take over ownership of SRVs passed to it using PUT. But it doesn't free them automatically: instead, the caller has to remember to call state_del_current_srv() first. (Or one of its callers.)
The current app code is ok, but the test code doesn't always call the functions in the right order.Tor: 0.4.0.x-finalteorteorhttps://gitlab.torproject.org/legacy/trac/-/issues/29693Decrease probability of stochastic failures in test-slow2020-06-13T15:39:05ZteorDecrease probability of stochastic failures in test-slowOur stochastic tests are supposed to fail around 1 in 100 runs. But when I'm doing a backport to 0.2.9, there are up to 14 jobs times 9 branches, each of which runs a test instance.
So let's decrease the probability to about 1 in (100 *...Our stochastic tests are supposed to fail around 1 in 100 runs. But when I'm doing a backport to 0.2.9, there are up to 14 jobs times 9 branches, each of which runs a test instance.
So let's decrease the probability to about 1 in (100 * 14 * 9).
Here's what the output looks like:
```
slow/prob_distr/stochastic_uniform: [forking] fail uniform sampler
FAIL src/test/test_prob_distr.c:1209: assert(ok)
NOTE: This is a stochastic test, and we expect it to fail from
time to time, with some low probability. If you see it fail more
than one trial in 100, though, please tell us.
Seed: 5DB9A3B32C29B76D7A0032700DD142BB
[stochastic_uniform FAILED]
```
https://travis-ci.org/torproject/tor/jobs/503432646#L5845Tor: 0.4.0.x-finalGeorge KadianakisGeorge Kadianakishttps://gitlab.torproject.org/legacy/trac/-/issues/29691Builds from master fail on Jenkins mingw builder2020-06-13T16:57:02ZTracBuilds from master fail on Jenkins mingw builderOn https://jenkins.torproject.org/view/tor/ the builds from git master for tor-ci-mingwcross-master builder are failing for a long time (Last successful build (# 2226), 2 mo 20 days ago )
A failing build log e.g. https://jenkins.torproj...On https://jenkins.torproject.org/view/tor/ the builds from git master for tor-ci-mingwcross-master builder are failing for a long time (Last successful build (# 2226), 2 mo 20 days ago )
A failing build log e.g. https://jenkins.torproject.org/view/tor/job/tor-ci-mingwcross-master/lastCompletedBuild/ARCHITECTURE=amd64,SUITE=stretch/consoleFull#-16059184715da2eb1d-1267-4376-8b22-f5f143383dc7
```
21:28:05 + cp src/test/test-child.exe /srv/jenkins-workspace/workspace/tor-ci-mingwcross-master/ARCHITECTURE/amd64/SUITE/stretch/RESULT/bin/
21:28:05 cp: cannot stat 'src/test/test-child.exe': No such file or directory
21:28:05 + rc=1
```
There are no usable artifacts as a result, for those who wish to use them. Aside, no artifacts are kept on Appveyor too.
**Trac**:
**Username**: harigTor: 0.4.0.x-finalAlexander Færøyahf@torproject.orgAlexander Færøyahf@torproject.orghttps://gitlab.torproject.org/legacy/trac/-/issues/27914Extract fallback-scripts to its own git repository2020-06-13T16:06:32ZNick MathewsonExtract fallback-scripts to its own git repositoryThis would let us give teor and phoul direct commit permissions here.This would let us give teor and phoul direct commit permissions here.Tor: 0.4.0.x-finalhttps://gitlab.torproject.org/legacy/trac/-/issues/24805Update fallback whitelist in late 20182020-06-13T15:19:52ZteorUpdate fallback whitelist in late 2018We need to update the list using:
* operator emails from 2018
* the opt-in process in #24804
* ~~running the script, finding change warnings, contacting operators, and updating their details~~ we'll do #24838 insteadWe need to update the list using:
* operator emails from 2018
* the opt-in process in #24804
* ~~running the script, finding change warnings, contacting operators, and updating their details~~ we'll do #24838 insteadTor: 0.4.0.x-finalColin ChildsColin Childs