#30920: Detect uint64 overflow in config_parse_units() ------------------------------+-------------------------------- Reporter: nickm | Owner: (none) Type: defect | Status: new Priority: Low | Milestone: Tor: 0.4.2.x-final Component: Core Tor/Tor | Version: Severity: Minor | Keywords: Actual Points: | Parent ID: Points: | Reviewer: Sponsor: | ------------------------------+-------------------------------- The config_parse_units function uses 64-bit arithmetic, but does not detect 64-bit overflow. This means that values like "20000000 TB", which should be rejected, are instead mis-parsed.
Since this function is only used for configuration parsing, it's not a huge issue, but it should be simple enough to resolve this. Found while working on 30893. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30920> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs