From 0672b33f1e0ca160563841aaf7af87adbacd95d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alexander=20F=C3=A6r=C3=B8y?= Date: Thu, 27 Apr 2017 20:09:20 +0200 Subject: [PATCH] Enforce 16 MB upper bound of memory usage in LZMA decoder. This patch changes two things in our LZMA compression backend: - We lower the preset values for all `compression_level_t` values to ensure that we can run the LZMA decoder with less than 65 MB of memory available. This seems to have a small impact on the real world usage and fits well with our needs. - We set the upper bound of memory usage for the LZMA decoder to 16 MB. See: https://bugs.torproject.org/21665 --- src/common/compress_lzma.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/src/common/compress_lzma.c b/src/common/compress_lzma.c index b721bae8aa..b5393a6ba6 100644 --- a/src/common/compress_lzma.c +++ b/src/common/compress_lzma.c @@ -22,6 +22,9 @@ #include #endif +/** The maximum amount of memory we allow the LZMA decoder to use, in bytes. */ +#define MEMORY_LIMIT (16 * 1024 * 1024) + /** Total number of bytes allocated for LZMA state. */ static atomic_counter_t total_lzma_allocation; @@ -33,9 +36,9 @@ memory_level(compression_level_t level) switch (level) { default: case BEST_COMPRESSION: - case HIGH_COMPRESSION: return 9; - case MEDIUM_COMPRESSION: return 6; - case LOW_COMPRESSION: return 3; + case HIGH_COMPRESSION: return 6; + case MEDIUM_COMPRESSION: return 4; + case LOW_COMPRESSION: return 2; } } @@ -191,9 +194,7 @@ tor_lzma_compress_new(int compress, goto err; } } else { - // FIXME(ahf): This should be something more sensible than - // UINT64_MAX: See #21665. - retval = lzma_alone_decoder(&result->stream, UINT64_MAX); + retval = lzma_alone_decoder(&result->stream, MEMORY_LIMIT); if (retval != LZMA_OK) { log_warn(LD_GENERAL, "Error from LZMA decoder: %s (%u).",