authorNick Mathewson <nickm@torproject.org>2016-11-07 09:58:29 -0500
committerNick Mathewson <nickm@torproject.org>2016-11-07 11:01:21 -0500
commit1fdf6e5814ae50ed93338644f97c65b497463141 (patch)
treebacf33e13693bfd327db7abedec14354776168d1
parent864c42f4d66641028005f8d11868368260a37b84 (diff)
Avoid integer overflow in delay calculation.
-rw-r--r--src/or/directory.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/src/or/directory.c b/src/or/directory.c
index d1333a8666..f83f622030 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -3796,11 +3796,15 @@ next_random_exponential_delay(int delay, int max_delay)
/* How much are we willing to add to the delay? */
int max_increment;
+ const int multiplier = 4; /* no more than quintuple. */
- if (delay)
- max_increment = delay * 4; /* no more than quintuple. */
- else
+ if (delay && delay < (INT_MAX-1) / multiplier) {
+ max_increment = delay * multiplier;
+ } else if (delay) {
+ max_increment = INT_MAX-1;
+ } else {
max_increment = 1; /* we're always willing to slow down a little. */
+ }
/* the + 1 here is so that we include the end of the interval */
int increment = crypto_rand_int(max_increment+1);
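Review bot: The clamped branch sets `max_increment = INT_MAX-1`, so `increment` can now be almost as large as INT_MAX, and the code that combines it with `delay` lies after the end of this hunk. If that code adds first and compares afterwards, the signed overflow has only moved one statement down; it should be bounded by subtraction, for example `if (increment < max_delay - delay) return delay + increment;`, with `max_delay` returned otherwise. The new condition also assumes `delay` is non-negative, since a negative value passes `delay < (INT_MAX-1) / multiplier` and gives `crypto_rand_int` a non-positive bound; presumably an assertion earlier in the function covers this, but it is not visible here. I would add a comment on the clamp such as `/* INT_MAX-1 so that max_increment+1 below cannot overflow */`. The commit touches only directory.c, so a unit test with `delay` just below and above `(INT_MAX-1)/4` and at `INT_MAX` would pin the boundary.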