[tor-bugs] #30920 [Core Tor/Tor]: Detect uint64 overflow in config_parse_units()
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jun 19 12:09:43 UTC 2019
#30920: Detect uint64 overflow in config_parse_units()
------------------------------+--------------------------------
Reporter: nickm | Owner: (none)
Type: defect | Status: new
Priority: Low | Milestone: Tor: 0.4.2.x-final
Component: Core Tor/Tor | Version:
Severity: Minor | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+--------------------------------
The config_parse_units function uses 64-bit arithmetic, but does not
detect 64-bit overflow. This means that values like "20000000 TB", which
should be rejected, are instead mis-parsed.
Since this function is only used for configuration parsing, it's not a
huge issue, but it should be simple enough to resolve this.
Found while working on 30893.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30920>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list