[tor-bugs] #33131 [Core Tor/Tor]: Bug: buf->datalen >= 0x7fffffff

[Tor Bug Tracker & Wiki]

#33131: Bug: buf->datalen >= 0x7fffffff
--------------------------+------------------------------------
 Reporter:  cypherpunks   |          Owner:  (none)
     Type:  defect        |         Status:  needs_revision
 Priority:  Medium        |      Milestone:  Tor: 0.4.4.x-final
Component:  Core Tor/Tor  |        Version:  Tor: 0.4.2.5
 Severity:  Minor         |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:                |         Points:
 Reviewer:  nickm         |        Sponsor:
--------------------------+------------------------------------
Changes (by nickm):

 * status:  needs_review => needs_revision


Comment:

 Hm.  That does seem like a good start. If we're going to merge it, I'd
 suggest some changes:

   * We need a changes file.
   * Logging a warning here would get extremely loud -- we probably
 shouldn't be doing that without a rate-limiter.
   * If we do want to log size_t values, we should be using TOR_PRIuSZ, not
 just casting to long.
   * The value of CONN_INBUF_MAX would make more sense if it were based on
 some value exposed by buffers.h.
   * A test here would be helpful too.

 More broadly, though: if this behavior is the logical consequence of
 setting a very high bandwidth, should we disallow setting the bandwidth
 that high, or issue a warning if people try to do so?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33131#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online