Merge branch 'maint-0.3.4'

changes/bug27649

@@ -0,0 +1,4 @@
+  o Minor bugfixes (rust):
+    - The protover rewrite in 24031 allowed repeated votes from the same
+      voter for the same protocol version to be counted multiple times in
+      protover_compute_vote(). Fixes bug 27649; bugfix on 0.3.3.5-rc.

src/rust/protover/protoset.rs

@@ -174,7 +174,7 @@ impl ProtoSet {
             if low == u32::MAX || high == u32::MAX {
                 return Err(ProtoverError::ExceedsMax);
             }
-            if low < last_high {
+            if low <= last_high {
                 return Err(ProtoverError::Overlap);
             } else if low > high {
                 return Err(ProtoverError::LowGreaterThanHigh);
@@ -521,7 +521,6 @@ mod test {
         test_protoset_contains_versions!(&[1], "1");
         test_protoset_contains_versions!(&[1, 2], "1,2");
         test_protoset_contains_versions!(&[1, 2, 3], "1-3");
-        test_protoset_contains_versions!(&[0, 1], "0-1");
         test_protoset_contains_versions!(&[1, 2, 5], "1-2,5");
         test_protoset_contains_versions!(&[1, 3, 4, 5], "1,3-5");
         test_protoset_contains_versions!(&[42, 55, 56, 57, 58], "42,55-58");
@@ -597,9 +596,9 @@ mod test {
 
     #[test]
     fn test_protoset_contains() {
-        let protoset: ProtoSet = ProtoSet::from_slice(&[(0, 5), (7, 9), (13, 14)]).unwrap();
+        let protoset: ProtoSet = ProtoSet::from_slice(&[(1, 5), (7, 9), (13, 14)]).unwrap();
 
-        for x in 0..6 {
+        for x in 1..6 {
             assert!(protoset.contains(&x), format!("should contain {}", x));
         }
         for x in 7..10 {
@@ -615,10 +614,10 @@ mod test {
     }
 
     #[test]
-    fn test_protoset_contains_0_3() {
+    fn test_protoset_contains_1_3() {
-        let protoset: ProtoSet = ProtoSet::from_slice(&[(0, 3)]).unwrap();
+        let protoset: ProtoSet = ProtoSet::from_slice(&[(1, 3)]).unwrap();
 
-        for x in 0..4 {
+        for x in 1..4 {
             assert!(protoset.contains(&x), format!("should contain {}", x));
         }
     }
@@ -640,8 +639,8 @@ mod test {
     }
 
     #[test]
-    fn test_protoset_from_vec_0_315() {
+    fn test_protoset_from_vec_1_315() {
-        assert_protoset_from_vec_contains_all!(0, 1, 2, 3, 15);
+        assert_protoset_from_vec_contains_all!(1, 2, 3, 15);
     }
 
     #[test]

src/rust/protover/protover.rs

@@ -862,10 +862,10 @@ mod test {
 
     #[test]
     fn test_protoentry_all_supported_unsupported_low_version() {
-        let protocols: UnvalidatedProtoEntry = "Cons=0-1".parse().unwrap();
+        let protocols: UnvalidatedProtoEntry = "HSIntro=2-3".parse().unwrap();
         let unsupported: Option<UnvalidatedProtoEntry> = protocols.all_supported();
         assert_eq!(true, unsupported.is_some());
-        assert_eq!("Cons=0", &unsupported.unwrap().to_string());
+        assert_eq!("HSIntro=2", &unsupported.unwrap().to_string());
     }
 
     #[test]

src/rust/protover/tests/protover.rs

@@ -106,10 +106,10 @@ fn protocol_all_supported_with_unsupported_versions() {
 
 #[test]
 fn protocol_all_supported_with_unsupported_low_version() {
-    let protocols: UnvalidatedProtoEntry = "Cons=0-1".parse().unwrap();
+    let protocols: UnvalidatedProtoEntry = "HSIntro=2-3".parse().unwrap();
     let unsupported: Option<UnvalidatedProtoEntry> = protocols.all_supported();
     assert_eq!(true, unsupported.is_some());
-    assert_eq!("Cons=0", &unsupported.unwrap().to_string());
+    assert_eq!("HSIntro=2", &unsupported.unwrap().to_string());
 }
 
 #[test]
@@ -364,18 +364,18 @@ fn protover_all_supported_should_exclude_some_versions_and_entire_protocols() {
 
 #[test]
 fn protover_all_supported_should_not_dos_anyones_computer() {
-    let proto: UnvalidatedProtoEntry = "Sleen=0-2147483648".parse().unwrap();
+    let proto: UnvalidatedProtoEntry = "Sleen=1-2147483648".parse().unwrap();
     let result: String = proto.all_supported().unwrap().to_string();
 
-    assert_eq!(result, "Sleen=0-2147483648".to_string());
+    assert_eq!(result, "Sleen=1-2147483648".to_string());
 }
 
 #[test]
 fn protover_all_supported_should_not_dos_anyones_computer_max_versions() {
-    let proto: UnvalidatedProtoEntry = "Sleen=0-4294967294".parse().unwrap();
+    let proto: UnvalidatedProtoEntry = "Sleen=1-4294967294".parse().unwrap();
     let result: String = proto.all_supported().unwrap().to_string();
 
-    assert_eq!(result, "Sleen=0-4294967294".to_string());
+    assert_eq!(result, "Sleen=1-4294967294".to_string());
 }
 
 #[test]
@@ -398,7 +398,7 @@ fn protover_unvalidatedprotoentry_should_err_entirely_unparseable_things() {
 
 #[test]
 fn protover_all_supported_over_maximum_limit() {
-    let proto: Result<UnvalidatedProtoEntry, ProtoverError> = "Sleen=0-4294967295".parse();
+    let proto: Result<UnvalidatedProtoEntry, ProtoverError> = "Sleen=1-4294967295".parse();
 
     assert_eq!(Err(ProtoverError::ExceedsMax), proto);
 }

src/test/test_protover.c

@@ -298,13 +298,13 @@ test_protover_all_supported(void *arg)
   tor_free(msg);
 
   /* We shouldn't be able to DoS ourselves parsing a large range. */
-  tt_assert(! protover_all_supported("Sleen=0-2147483648", &msg));
+  tt_assert(! protover_all_supported("Sleen=1-2147483648", &msg));
-  tt_str_op(msg, OP_EQ, "Sleen=0-2147483648");
+  tt_str_op(msg, OP_EQ, "Sleen=1-2147483648");
   tor_free(msg);
 
   /* This case is allowed. */
-  tt_assert(! protover_all_supported("Sleen=0-4294967294", &msg));
+  tt_assert(! protover_all_supported("Sleen=1-4294967294", &msg));
-  tt_str_op(msg, OP_EQ, "Sleen=0-4294967294");
+  tt_str_op(msg, OP_EQ, "Sleen=1-4294967294");
   tor_free(msg);
 
   /* If we get a (barely) valid (but unsupported list, we say "yes, that's
@@ -321,7 +321,7 @@ test_protover_all_supported(void *arg)
   /* If we get a completely unparseable list, protover_all_supported should
    * hit a fatal assertion for BUG(entries == NULL). */
   tor_capture_bugs_(1);
-  tt_assert(protover_all_supported("Sleen=0-4294967295", &msg));
+  tt_assert(protover_all_supported("Sleen=1-4294967295", &msg));
   tor_end_capture_bugs_();
 
   /* Protocol name too long */
@@ -556,11 +556,11 @@ test_protover_vote_roundtrip(void *args)
     { "Zn=4294967295-1", NULL },
     { "Zn=4294967293-4294967295", NULL },
     /* Will fail because of 4294967295. */
-    { "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,900 Zn=0,4294967295",
+    { "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,900 Zn=1,4294967295",
        NULL },
-    { "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,900 Zn=0,4294967294",
+    { "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,900 Zn=1,4294967294",
-      "Bar=3 Foo=1,3 Quux=9-12,14-16,900 Zn=0,4294967294" },
+      "Bar=3 Foo=1,3 Quux=9-12,14-16,900 Zn=1,4294967294" },
-    { "Zu16=0,65536", "Zu16=0,65536" },
+    { "Zu16=1,65536", "Zu16=1,65536" },
     { "N-1=1,2", "N-1=1-2" },
     { "-1=4294967295", NULL },
     { "-1=3", "-1=3" },
@@ -597,9 +597,9 @@ test_protover_vote_roundtrip(void *args)
     { "Sleen=1-501", "Sleen=1-501" },
     { "Sleen=1-65537", NULL },
     /* Both C/Rust implementations should be able to handle this mild DoS. */
-    { "Sleen=0-2147483648", NULL },
+    { "Sleen=1-2147483648", NULL },
     /* Rust tests are built in debug mode, so ints are bounds-checked. */
-    { "Sleen=0-4294967295", NULL },
+    { "Sleen=1-4294967295", NULL },
   };
   unsigned u;
   smartlist_t *votes = smartlist_new();