[or-cvs] Point out a potential DoS flaw in caching untrusted network

arma at seul.org arma at seul.org
Tue Mar 21 05:27:38 UTC 2006


Update of /home2/or/cvsroot/tor/src/or
In directory moria:/home/arma/work/onion/cvs/tor/src/or

Modified Files:
	routerlist.c 
Log Message:
Point out a potential DoS flaw in caching untrusted network
statuses to disk. We should resolve sometime.


Index: routerlist.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/routerlist.c,v
retrieving revision 1.464
retrieving revision 1.465
diff -u -p -d -r1.464 -r1.465
--- routerlist.c	19 Mar 2006 01:21:59 -0000	1.464
+++ routerlist.c	21 Mar 2006 05:27:35 -0000	1.465
@@ -1974,7 +1974,7 @@ add_networkstatus_to_cache(const char *s
 #define NETWORKSTATUS_ALLOW_SKEW (24*60*60)
 /** Given a string <b>s</b> containing a network status that we received at
  * <b>arrived_at</b> from <b>source</b>, try to parse it, see if we want to
- * store it, and put it into our cache is necessary.
+ * store it, and put it into our cache as necessary.
  *
  * If <b>source</b> is NS_FROM_DIR or NS_FROM_CACHE, do not replace our
  * own networkstatus_t (if we're a directory server).
@@ -2065,6 +2065,10 @@ router_set_networkstatus(const char *s, 
 
   if (!trusted_dir) {
     if (!skewed && get_options()->DirPort) {
+      /* XXX This is great as a first cut, but it looks like
+       * any old person can give us an untrusted network-status and
+       * we'll write it to disk as the newest one we have?
+       * Also, there is no limit on the number that we'll store? -RD */
       add_networkstatus_to_cache(s, source, ns);
       networkstatus_free(ns);
     }
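Review bot: The new XXX comment in the `!trusted_dir` branch names two unbounded behaviours, yet the `add_networkstatus_to_cache(s, source, ns);` call right below it is left as-is, so the only gates visible on that write are `!skewed` and `get_options()->DirPort`. Until this is resolved properly, consider putting a guard in front of the call: a cap on how many untrusted network-statuses may be held in the cache, and a check that an untrusted status does not displace one already stored as the newest. It would also help to phrase the comment as statements rather than questions (what is written to disk, by whom, and what limit is missing), so whoever picks this up does not have to re-derive whether the flaw is real.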


