#30920: Detect uint64 overflow in config_parse_units() ---------------------------+------------------------------------ Reporter: nickm | Owner: (none) Type: defect | Status: new Priority: Low | Milestone: Tor: 0.4.3.x-final Component: Core Tor/Tor | Version: Severity: Minor | Resolution: Keywords: easy overflow | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: ---------------------------+------------------------------------ Changes (by teor):
* milestone: Tor: 0.4.2.x-final => Tor: 0.4.3.x-final Comment: Replying to [comment:12 guigom]: > I haven't opened a PR yet but my branch for this ticket is in [https://github.com/JMGuisadoG/tor/tree/ticket30920] > > * Commit adding the u64_nowrap_mul & tests: > [https://github.com/JMGuisadoG/tor/commit/4dd5b593636a9f5944ca2069d1c22c2b4b03d335] > > * Commit adding the check for overflow inside mem_parse_units & enabling tests: > [https://github.com/JMGuisadoG/tor/commit/1ac4b346131fa0f49a5218553cd5d98affb82a76] Thanks! > Replying to [comment:11 teor]: > > Maybe we should fail on anything larger than SSIZE_T_MAX? > > (SSIZE_T_MAX is half the maximum possible memory size.) > > What the reason for checking half the maximum size?. In general, it helps us avoid underflows and other mistakes as well. In this case, there's just no reason to expect that values over 2^63^ are valid. > If that's a go and there's no problem with the code above I can change the if statement accordingly. Sure, feel free to put in a pull request, and someone will review it in the next week. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30920#comment:13> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs