nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-24 04:13:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix a signed integer overflow in dir/download_status_random_backoff

Browse Source 
Fix for 22924. Bugfix on 0.2.9.1-alpha when the test was introducd
-- though it couldn't actually overflow until we fixed 17750.

Additionally, this only seems to overflow on 32-bit, and only when
the compiler doesn't re-order the (possibly dead) assignment out of
the way.  We ran into it on a 32-bit ubuntu trusty builder.
This commit is contained in:
Nick Mathewson 2017-07-14 13:56:40 -04:00
parent 527c0735f1
commit b7566d465f
2 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
changes/bug22924 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfies (tests):
- Fix a signed-integer overflow in the unit tests for
dir/download_status_random_backoff, which was untriggered until we
fixed bug 17750. Fixes bug 22924; bugfix on 0.2.9.1-alpha.

4
src/test/test_dir.c
View File

@ -3657,12 +3657,14 @@ download_status_random_backoff_helper(int min_delay, int max_delay)
}
/* Advance */
current_time += increment;
++(dls_random.n_download_attempts);
++(dls_random.n_download_failures);
/* Try another maybe */
old_increment = increment;
if (increment >= max_delay)
current_time += increment;
} while (increment < max_delay);
done: