commit 0672b33f1e0ca160563841aaf7af87adbacd95d3 Author: Alexander Færøy ahf@torproject.org Date: Thu Apr 27 20:09:20 2017 +0200
Enforce 16 MB upper bound of memory usage in LZMA decoder.
This patch changes two things in our LZMA compression backend:
- We lower the preset values for all `compression_level_t` values to ensure that we can run the LZMA decoder with less than 65 MB of memory available. This seems to have a small impact on the real world usage and fits well with our needs.
- We set the upper bound of memory usage for the LZMA decoder to 16 MB.
See: https://bugs.torproject.org/21665 --- src/common/compress_lzma.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/src/common/compress_lzma.c b/src/common/compress_lzma.c index b721bae..b5393a6 100644 --- a/src/common/compress_lzma.c +++ b/src/common/compress_lzma.c @@ -22,6 +22,9 @@ #include <lzma.h> #endif
+/** The maximum amount of memory we allow the LZMA decoder to use, in bytes. */ +#define MEMORY_LIMIT (16 * 1024 * 1024) + /** Total number of bytes allocated for LZMA state. */ static atomic_counter_t total_lzma_allocation;
@@ -33,9 +36,9 @@ memory_level(compression_level_t level) switch (level) { default: case BEST_COMPRESSION: - case HIGH_COMPRESSION: return 9; - case MEDIUM_COMPRESSION: return 6; - case LOW_COMPRESSION: return 3; + case HIGH_COMPRESSION: return 6; + case MEDIUM_COMPRESSION: return 4; + case LOW_COMPRESSION: return 2; } }
@@ -191,9 +194,7 @@ tor_lzma_compress_new(int compress, goto err; } } else { - // FIXME(ahf): This should be something more sensible than - // UINT64_MAX: See #21665. - retval = lzma_alone_decoder(&result->stream, UINT64_MAX); + retval = lzma_alone_decoder(&result->stream, MEMORY_LIMIT);
if (retval != LZMA_OK) { log_warn(LD_GENERAL, "Error from LZMA decoder: %s (%u).",