[tor-bugs] #30920 [Core Tor/Tor]: Detect uint64 overflow in config_parse_units()
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Oct 28 11:07:07 UTC 2019
#30920: Detect uint64 overflow in config_parse_units()
----------------------------------------+----------------------------------
Reporter: nickm | Owner: (none)
Type: defect | Status: needs_revision
Priority: Low | Milestone: Tor:
| 0.4.3.x-final
Component: Core Tor/Tor | Version:
Severity: Minor | Resolution:
Keywords: easy overflow extra-review | Actual Points: 0.2
Parent ID: | Points:
Reviewer: teor, nickm | Sponsor:
----------------------------------------+----------------------------------
Comment (by guigom):
Replying to [comment:33 teor]:
> We need to fail on negative multipliers, because the function returns an
unsigned integer. I've added a suggestion on the pull request.
>
> Once that is applied, I think we can merge, but I'd like nickm to do a
final review before we merge,
I've submitted the change and added a negative float test so everything is
covered.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30920#comment:34>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list