Add diagnostic log message for compression bombs.

This patch causes `tor_compress_is_compression_bomb()` to emit a warning-level log message that lets us learn the potential ratio of the input to output buffer sizes. Hopefully, this will give us a bit of a better idea whether the compression bomb ratio needs some tuning. See: tpo/core/tor#40739.
2024-09-19 20:46:21 +02:00 · 2023-09-13 16:13:28 +02:00 · 2023-09-13 16:13:28 +02:00 · d9a6b37ab1
commit d9a6b37ab1
parent d6c89b1ae1
3 changed files with 13 additions and 2 deletions
--- a/changes/ticket40739
+++ b/changes/ticket40739
@ -0,0 +1,3 @@
+  o Minor features (debugging, compression):
+    - Log the input and output buffer sizes when we detect a potential
+      compression bomb. Diagnostic for ticket 40739.
--- a/src/lib/compress/compress.c
+++ b/src/lib/compress/compress.c
@ -66,7 +66,15 @@ tor_compress_is_compression_bomb,(size_t size_in, size_t size_out))
  if (size_in == 0 || size_out < CHECK_FOR_COMPRESSION_BOMB_AFTER)
    return 0;

-  return (size_out / size_in > MAX_UNCOMPRESSION_FACTOR);
+  if (size_out / size_in > MAX_UNCOMPRESSION_FACTOR) {
+    log_warn(LD_GENERAL,
+             "Detected possible compression bomb with "
+             "input size = %"TOR_PRIuSZ " and output size = %"TOR_PRIuSZ,
+             size_in, size_out);
+    return 1;
+  }
+
+  return 0;
 }

 /** Guess the size that <b>in_len</b> will be after compression or
--- a/src/test/test_util.c
+++ b/src/test/test_util.c
@ -2945,7 +2945,7 @@ test_util_gzip_compression_bomb(void *arg)
  tt_int_op(-1, OP_EQ, tor_compress(&result, &result_len,
                                    one_mb, one_million,
                                    ZLIB_METHOD));
-  expect_single_log_msg_containing(
+  expect_log_msg_containing(
         "We compressed something and got an insanely high "
         "compression factor; other Tors would think this "
         "was a compression bomb.");