diff options
| author | Ivan Markin <twim@riseup.net> | 2016-06-17 03:44:58 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-07-26 09:49:40 -0400 |
| commit | 77459b97aac15949c5160ca8abb9af792f02ac73 (patch) | |
| tree | 970d2ef4aaf6d82b3f6e0efeaae8722f221ca216 | |
| parent | 264fb7eb82f5df59247f1e2f4ea906fd9a0def61 (diff) | |
| download | tor-77459b97aac15949c5160ca8abb9af792f02ac73.tar.gz tor-77459b97aac15949c5160ca8abb9af792f02ac73.zip | |
Fix integer overflow in the rate-limiter (#19435).
| -rw-r--r-- | changes/bug19435 | 6 | ||||
| -rw-r--r-- | src/common/util.c | 14 | ||||
| -rw-r--r-- | src/common/util.h | 1 |
3 files changed, 19 insertions, 2 deletions
diff --git a/changes/bug19435 b/changes/bug19435 new file mode 100644 index 0000000000..ccd916be0f --- /dev/null +++ b/changes/bug19435 @@ -0,0 +1,6 @@ + o Major bugfixes (user interface): + - Fix an integer overflow in the rate-limiter that caused displaying of + wrong number of suppressed messages (if there are too many of them). + If the number of messages hits the limit of messages per interval the + rate-limiter drops a warning and doesn't count any further. + Fixes bug 19435. diff --git a/src/common/util.c b/src/common/util.c index 538aeb108d..72efd897a7 100644 --- a/src/common/util.c +++ b/src/common/util.c @@ -1983,7 +1983,9 @@ update_approx_time(time_t now) /** If the rate-limiter <b>lim</b> is ready at <b>now</b>, return the number * of calls to rate_limit_is_ready (including this one!) since the last time - * rate_limit_is_ready returned nonzero. Otherwise return 0. */ + * rate_limit_is_ready returned nonzero. Otherwise return 0. + * If the call number hits <b>RATELIM_TOOMANY</b> limit, drop a warning + * about this event and stop counting. */ static int rate_limit_is_ready(ratelim_t *lim, time_t now) { @@ -1993,7 +1995,15 @@ rate_limit_is_ready(ratelim_t *lim, time_t now) lim->n_calls_since_last_time = 0; return res; } else { - ++lim->n_calls_since_last_time; + if (lim->n_calls_since_last_time < RATELIM_TOOMANY) { + ++lim->n_calls_since_last_time; + } else if (lim->n_calls_since_last_time == RATELIM_TOOMANY) { + log_warn(LD_GENERAL, + "Enormously large number of messages (%d). It's probably a bug.", + RATELIM_TOOMANY); + ++lim->n_calls_since_last_time; + } + return 0; } } diff --git a/src/common/util.h b/src/common/util.h index 0d48eac1ad..837d2e9cf3 100644 --- a/src/common/util.h +++ b/src/common/util.h @@ -292,6 +292,7 @@ typedef struct ratelim_t { } ratelim_t; #define RATELIM_INIT(r) { (r), 0, 0 } +#define RATELIM_TOOMANY (16*1000) char *rate_limit_log(ratelim_t *lim, time_t now); |