commit b058f64cc002b44e6dd48616ca3163a01c3f3e14 Author: Nick Mathewson nickm@torproject.org Date: Thu Sep 27 16:30:02 2018 -0400
Detect an unlikely integer overflow. --- src/feature/stats/geoip_stats.c | 5 ++++- src/lib/geoip/country.h | 2 ++ 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/feature/stats/geoip_stats.c b/src/feature/stats/geoip_stats.c index 3e647bd46..1a4f8ddfb 100644 --- a/src/feature/stats/geoip_stats.c +++ b/src/feature/stats/geoip_stats.c @@ -265,7 +265,10 @@ geoip_note_client_seen(geoip_client_action_t action, int country_idx = geoip_get_country_by_addr(addr); if (country_idx < 0) country_idx = 0; /** unresolved requests are stored at index 0. */ - increment_v3_ns_request(country_idx); + IF_BUG_ONCE(country_idx > COUNTRY_MAX) { + return; + } + increment_v3_ns_request((country_t) country_idx); } }
diff --git a/src/lib/geoip/country.h b/src/lib/geoip/country.h index e4ad0752b..080c15602 100644 --- a/src/lib/geoip/country.h +++ b/src/lib/geoip/country.h @@ -11,4 +11,6 @@ /** A signed integer representing a country code. */ typedef int16_t country_t;
+#define COUNTRY_MAX INT16_MAX + #endif
tor-commits@lists.torproject.org
-
nickm@torproject.org