[tor-bugs] #30920 [Core Tor/Tor]: Detect uint64 overflow in config_parse_units()

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jul 29 15:58:36 UTC 2019


#30920: Detect uint64 overflow in config_parse_units()
---------------------------+------------------------------------
 Reporter:  nickm          |          Owner:  (none)
     Type:  defect         |         Status:  new
 Priority:  Low            |      Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor   |        Version:
 Severity:  Minor          |     Resolution:
 Keywords:  easy overflow  |  Actual Points:
Parent ID:                 |         Points:
 Reviewer:                 |        Sponsor:
---------------------------+------------------------------------

Comment (by nickm):

 >  Is this the expected behavior, or should it fallback to UINT64_MAX?

 I think that's a better behavior for config_parse_memunit().  In the case
 of config_parse_memunit(), it's better that the user be told about the
 problem than to have us silently ignore their request.

 >  Should lib/intmath/*.h be appended to confmgt .may_include?

 Yes, that's fine.  The purpose of .may_include is to make sure that low-
 level modules don't include headers from high-level modules, and
 lib/intmath is a nice low-level module.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30920#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list