r11469@Kushana: nickm | 2006-12-07 15:11:04 -0500

Round stored/transmitted values for bandwidth usage. This might make some attacks work less well. This might well be voodoo, but it gives me a warm fuzzy feeling. svn:r9048
2024-11-27 22:03:31 +01:00 · 2006-12-07 20:11:36 +00:00 · 2006-12-07 20:11:36 +00:00 · b4a90ca8a3
commit b4a90ca8a3
parent 7c79495137
3 changed files with 14 additions and 8 deletions
--- a/2
+++ b/2
@ -23,6 +23,8 @@ Changes in version 0.1.2.5-xxxx - 200?-??-??
    - Clients do not store bandwidth history in their state files. (This
      shouldn't be an exploitable security issue, but it's better to be
      safe.)
+    - When generating bandwidth history, round down to the nearest 1k. When
+      storing accounting data, round up to the nearest 1k.

  o Controller bugfixes:
    - Report the circuit number correctly in STREAM CLOSED events. (Bug
--- a/src/or/hibernate.c
+++ b/src/or/hibernate.c
@ -530,6 +530,7 @@ accounting_set_wakeup_time(void)
  }
 }

+#define ROUND_UP(x) (((x) + 0x3ff) & ~0x3ff)
 #define BW_ACCOUNTING_VERSION 1
 /** Save all our bandwidth tracking information to disk. Return 0 on
 * success, -1 on failure. */
@ -561,8 +562,8 @@ accounting_record_bandwidth_usage(time_t now, or_state_t *state)
               BW_ACCOUNTING_VERSION,
               time1,
               time2,
-               U64_PRINTF_ARG(n_bytes_read_in_interval),
-               U64_PRINTF_ARG(n_bytes_written_in_interval),
+               U64_PRINTF_ARG(ROUND_UP(n_bytes_read_in_interval)),
+               U64_PRINTF_ARG(ROUND_UP(n_bytes_written_in_interval)),
               (unsigned long)n_seconds_active_in_interval,
               (unsigned long)expected_bandwidth_usage);
  tor_snprintf(fname, sizeof(fname), "%s/bw_accounting",
@ -571,14 +572,16 @@ accounting_record_bandwidth_usage(time_t now, or_state_t *state)

  /* Now update the state */
  state->AccountingIntervalStart = interval_start_time;
-  state->AccountingBytesReadInInterval = n_bytes_read_in_interval;
-  state->AccountingBytesWrittenInInterval = n_bytes_written_in_interval;
+  state->AccountingBytesReadInInterval = ROUND_UP(n_bytes_read_in_interval);
+  state->AccountingBytesWrittenInInterval =
+    ROUND_UP(n_bytes_written_in_interval);
  state->AccountingSecondsActive = n_seconds_active_in_interval;
  state->AccountingExpectedUsage = expected_bandwidth_usage;
  or_state_mark_dirty(state, 60);

  return r;
 }
+#undef ROUND_UP

 /** Read stored accounting information from disk. Return 0 on success;
 * return -1 and change nothing on failure. */
--- a/src/or/rephist.c
+++ b/src/or/rephist.c
@ -596,13 +596,14 @@ rep_hist_fill_bandwidth_history(char *buf, size_t len, bw_array_t *b)
  }

  for (n=0; n<b->num_maxes_set; ++n,++i) {
+    uint64_t total;
    while (i >= NUM_TOTALS) i -= NUM_TOTALS;
+    /* Round the bandwidth used down to the nearest 1k. */
+    total = b->totals[i] & ~0x3ff;
    if (n==(b->num_maxes_set-1))
-      tor_snprintf(cp, len-(cp-buf), U64_FORMAT,
-                   U64_PRINTF_ARG(b->totals[i]));
+      tor_snprintf(cp, len-(cp-buf), U64_FORMAT, U64_PRINTF_ARG(total));
    else
-      tor_snprintf(cp, len-(cp-buf), U64_FORMAT",",
-                   U64_PRINTF_ARG(b->totals[i]));
+      tor_snprintf(cp, len-(cp-buf), U64_FORMAT",", U64_PRINTF_ARG(total));
    cp += strlen(cp);
  }
  return cp-buf;