diff options
author | David Goulet <dgoulet@torproject.org> | 2018-02-02 13:14:50 -0500 |
---|---|---|
committer | David Goulet <dgoulet@torproject.org> | 2018-02-02 14:48:41 -0500 |
commit | 4d812e29b9b1ec88fe268c150a826466b23a8762 (patch) | |
tree | 147be39c4fd704dde0832f593170258eb4cd6ba0 | |
parent | 51839f47650463f59bd2cc84da05d5bc535d699d (diff) | |
download | tor-4d812e29b9b1ec88fe268c150a826466b23a8762.tar.gz tor-4d812e29b9b1ec88fe268c150a826466b23a8762.zip |
geoip: Increment and decrement functions for the geoip client cache
These functions protect againts over and underflow. They BUG() in case we
overflow the counter.
Signed-off-by: David Goulet <dgoulet@torproject.org>
-rw-r--r-- | src/or/geoip.c | 32 |
1 files changed, 30 insertions, 2 deletions
diff --git a/src/or/geoip.c b/src/or/geoip.c index c5e8cdab93..92db9742e8 100644 --- a/src/or/geoip.c +++ b/src/or/geoip.c @@ -76,6 +76,34 @@ static char geoip6_digest[DIGEST_LEN]; * handler. */ static size_t geoip_client_history_cache_size; +/* Increment the geoip client history cache size counter with the given bytes. + * This prevents an overflow and set it to its maximum in that case. */ +static inline void +geoip_increment_client_history_cache_size(size_t bytes) +{ + /* This is shockingly high, lets log it so it can be reported. */ + IF_BUG_ONCE(geoip_client_history_cache_size > (SIZE_MAX - bytes)) { + geoip_client_history_cache_size = SIZE_MAX; + return; + } + geoip_client_history_cache_size += bytes; +} + +/* Decrement the geoip client history cache size counter with the given bytes. + * This prevents an underflow and set it to 0 in that case. */ +static inline void +geoip_decrement_client_history_cache_size(size_t bytes) +{ + /* Going below 0 means that we either allocated an entry without + * incrementing the counter or we have different sizes when allocating and + * freeing. It shouldn't happened so log it. */ + IF_BUG_ONCE(geoip_client_history_cache_size < bytes) { + geoip_client_history_cache_size = 0; + return; + } + geoip_client_history_cache_size -= bytes; +} + /** Return the index of the <b>country</b>'s entry in the GeoIP * country list if it is a valid 2-letter country code, otherwise * return -1. */ @@ -546,7 +574,7 @@ clientmap_entry_free(clientmap_entry_t *ent) if (!ent) return; - geoip_client_history_cache_size -= clientmap_entry_size(ent); + geoip_decrement_client_history_cache_size(clientmap_entry_size(ent)); tor_free(ent->transport_name); tor_free(ent); @@ -610,7 +638,7 @@ geoip_note_client_seen(geoip_client_action_t action, ent->transport_name = tor_strdup(transport_name); ent->action = (int)action; HT_INSERT(clientmap, &client_history, ent); - geoip_client_history_cache_size += clientmap_entry_size(ent); + geoip_increment_client_history_cache_size(clientmap_entry_size(ent)); } if (now / 60 <= (int)MAX_LAST_SEEN_IN_MINUTES && now >= 0) ent->last_seen_in_minutes = (unsigned)(now/60); |