nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-21 05:26:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'maint-0.3.5' into maint-0.4.0

Browse Source
This commit is contained in:
Nick Mathewson 2019-02-21 10:08:14 -05:00
commit 00a93b19cf
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
changes/ticket29168 Normal file
View File

@ -0,0 +1,5 @@
o Major bugfixes (cell scheduler, KIST):
- Make KIST to always take into account the outbuf length when computing
what we can actually put in the outbuf. This could lead to the outbuf
being filled up and thus a possible memory DoS vector. TROVE-2019-001.
Fixes bug 29168; bugfix on 0.3.2.1-alpha.

2
src/core/or/scheduler_kist.c
View File

@ -286,7 +286,7 @@ update_socket_info_impl, (socket_table_ent_t *ent))
extra_space =
clamp_double_to_int64(
(ent->cwnd * (int64_t)ent->mss) * sock_buf_size_factor) -
ent->notsent;
ent->notsent - (int64_t)channel_outbuf_length((channel_t *) ent->chan);
if ((tcp_space + extra_space) < 0) {
/* This means that the "notsent" queue is just too big so we shouldn't put
* more in the kernel for now. */