[ciphershed] Reviewed commit e8529e95d89d3f519a31ef7de5bd7f0d0d318e8c
- From: Bill Cox <waywardgeek@xxxxxxxxxxxxxx>
- To: ciphershed@xxxxxxxxxxxxx
- Date: Tue, 01 Jul 2014 16:12:30 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have verified that the latest master HEAD,
e8529e95d89d3f519a31ef7de5bd7f0d0d318e8c, looks good to me. Mostly
the git-diffs are from moving all the source to the src directory.
There is one minor issue I found. Line 3045 of src/Driver/ntdriver.c
uses the class ID from TrueCrypt. Class IDs are documented here:
http://msdn.microsoft.com/en-us/library/ms970651.aspx
I think we need a different, random class ID if we don't want to
collide with TrueCrpyt running on the same system. This basically is
the ID Windows uses to allow COM objects to communicate with each
other. They are all supposed to be unique. I wanted feedback on this
issue before fixing it, but I'm leaning towards creating a random-ish
ID. To show that I didn't cherry pick the random ID for some
nefarious purpose, I would use the latest hex digits from our commit
history, rather than trusting a random number generator. Would this
be OK?
The most significant change was a bug Jason found and fixed. Good
catch on the string length on line 3050 in Ntdriver.c! I missed that
in my review. So, Jason is +1 vs me in catching bugs the other guy
should have found :-)
One unrelated question: Should the security team have it's
conversations here? I think we need to be as public as possible when
reviewing code, unless we discover an exploit we want to patch before
publishing. This long-term ongoing review may be boring to the other
ciphershed list members.
Bill
I have never been served with any warrant such as an NSL, I have no
gag order of any kind, and am not under any sort of compulsion related
to the CipherShed project. The latest commit I have reviewed and
trust all the way back to the original TrueCrypt original source is
e8529e95d89d3f519a31ef7de5bd7f0d0d318e8c.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBAgAGBQJTsxYuAAoJEL9an3rWhBk+I/4P/2Kfd+JrKi2FxZSFqIxvcFXZ
3Q2Yv1jjF9Y7ZHs/dY95CF0hQJq4pYuEJYHMEQLXPkcCFlG72HrSeV2oHzhpmyI4
hhEl9sTorrlWAnZ8jsnIwG8mH/KXHNW75WqcxTzqxnLX2w2yoizrYhYQPciMAIDl
RuueIBN1xMmeJVMNnl6MvEouatvQt87nb/HBa91NT7C6AOepAx1isqEWKVHdwn00
KvM/QnuINe8rqzggFrU/1nJgoY3g8J1fWQPliMoV9AvVvnobnftGQiJE+itcawC0
16IMEkS6SKa5MKnBaFaWYf573clM8xVDhH5t1k8cg8Ac/DdSUKW5Dpb4qFOUU1hw
37PuYG5zoVkQLLdYLF0DQJbUr7IKCrsKMVmNQetSjsLha1Mc4hZJSsOuSAuUbQto
o+1zKdi2VQZ0W/Bc/vV+P6EOZdRqAu3SaiuESgiyx9meaH6c7M+VtSuE4Ajtn/oA
hDeR/TuLof+gqqIdQAFryHiby/z5dAPTUwyhAei46lwYAmvLXokOynlrWVIwk+99
Q97f1DXelXw2gwNM8V0b+FTHjEu1DNqVUg9m0F1DlvY+t7vhXnbyktwIatUuZWzL
403HruZuf6Lnn6Pt0ktiI+kNEnqLZN/s7Xw9wevx7lNznpjiv3ASEqO5qIGd5phE
OkRxiSqxApfq0zazyMCP
=FAvj
-----END PGP SIGNATURE-----
Other related posts:
