r11469@Kushana: nickm | 2006-12-07 15:11:04 -0500

Round stored/transmitted values for bandwidth usage.  This might make some attacks work less well.  This might well be voodoo, but it gives me a warm fuzzy feeling.


svn:r9048

ChangeLog

@@ -23,6 +23,8 @@ Changes in version 0.1.2.5-xxxx - 200?-??-??
     - Clients do not store bandwidth history in their state files. (This
       shouldn't be an exploitable security issue, but it's better to be
       safe.)
+    - When generating bandwidth history, round down to the nearest 1k. When
+      storing accounting data, round up to the nearest 1k.
 
   o Controller bugfixes:
     - Report the circuit number correctly in STREAM CLOSED events. (Bug

src/or/hibernate.c

@@ -530,6 +530,7 @@ accounting_set_wakeup_time(void)
   }
 }
 
+#define ROUND_UP(x) (((x) + 0x3ff) & ~0x3ff)
 #define BW_ACCOUNTING_VERSION 1
 /** Save all our bandwidth tracking information to disk. Return 0 on
  * success, -1 on failure. */
@@ -561,8 +562,8 @@ accounting_record_bandwidth_usage(time_t now, or_state_t *state)
                BW_ACCOUNTING_VERSION,
                time1,
                time2,
-               U64_PRINTF_ARG(n_bytes_read_in_interval),
+               U64_PRINTF_ARG(ROUND_UP(n_bytes_read_in_interval)),
-               U64_PRINTF_ARG(n_bytes_written_in_interval),
+               U64_PRINTF_ARG(ROUND_UP(n_bytes_written_in_interval)),
                (unsigned long)n_seconds_active_in_interval,
                (unsigned long)expected_bandwidth_usage);
   tor_snprintf(fname, sizeof(fname), "%s/bw_accounting",
@@ -571,14 +572,16 @@ accounting_record_bandwidth_usage(time_t now, or_state_t *state)
 
   /* Now update the state */
   state->AccountingIntervalStart = interval_start_time;
-  state->AccountingBytesReadInInterval = n_bytes_read_in_interval;
+  state->AccountingBytesReadInInterval = ROUND_UP(n_bytes_read_in_interval);
-  state->AccountingBytesWrittenInInterval = n_bytes_written_in_interval;
+  state->AccountingBytesWrittenInInterval =
+    ROUND_UP(n_bytes_written_in_interval);
   state->AccountingSecondsActive = n_seconds_active_in_interval;
   state->AccountingExpectedUsage = expected_bandwidth_usage;
   or_state_mark_dirty(state, 60);
 
   return r;
 }
+#undef ROUND_UP
 
 /** Read stored accounting information from disk. Return 0 on success;
  * return -1 and change nothing on failure. */

src/or/rephist.c

@@ -596,13 +596,14 @@ rep_hist_fill_bandwidth_history(char *buf, size_t len, bw_array_t *b)
   }
 
   for (n=0; n<b->num_maxes_set; ++n,++i) {
+    uint64_t total;
     while (i >= NUM_TOTALS) i -= NUM_TOTALS;
+    /* Round the bandwidth used down to the nearest 1k. */
+    total = b->totals[i] & ~0x3ff;
     if (n==(b->num_maxes_set-1))
-      tor_snprintf(cp, len-(cp-buf), U64_FORMAT,
+      tor_snprintf(cp, len-(cp-buf), U64_FORMAT, U64_PRINTF_ARG(total));
-                   U64_PRINTF_ARG(b->totals[i]));
     else
-      tor_snprintf(cp, len-(cp-buf), U64_FORMAT",",
+      tor_snprintf(cp, len-(cp-buf), U64_FORMAT",", U64_PRINTF_ARG(total));
-                   U64_PRINTF_ARG(b->totals[i]));
     cp += strlen(cp);
   }
   return cp-buf;