[tor-bugs] #30920 [Core Tor/Tor]: Detect uint64 overflow in config_parse_units()
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Oct 16 14:57:24 UTC 2019
#30920: Detect uint64 overflow in config_parse_units()
---------------------------+------------------------------------
Reporter: nickm | Owner: (none)
Type: defect | Status: needs_revision
Priority: Low | Milestone: Tor: 0.4.3.x-final
Component: Core Tor/Tor | Version:
Severity: Minor | Resolution:
Keywords: easy overflow | Actual Points:
Parent ID: | Points:
Reviewer: teor | Sponsor:
---------------------------+------------------------------------
Comment (by guigom):
Hi Teor.
I've updated the PR with a couple of tests, one that fails the double
check and one that passes double but fails int check.
Reasoning:
// Fails double check //
15000000.5 TB fails double check as its a greater floating number than
(double)INT64_MAX
// Passes double check but fails int check //
8388608.1 TB passes double check because it falls in the same value as
(double)INT64_MAX (which is ^63^), but will fail the int check because
(uint64_t)d, which is 2^63^, is strictly greater than 2^63^-1 (INT64_MAX)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30920#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list