diff options
| author | David Goulet <dgoulet@torproject.org> | 2017-02-01 11:07:09 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2017-02-01 11:07:09 -0500 |
| commit | cc0342a2ae4264c5b8796e2731a51272342bb8f4 (patch) | |
| tree | a39721111878b4c4c72c579f4a095f2678a29018 | |
| parent | 77788fa5374448fe6e12ab9bf7672d8187f73997 (diff) | |
| download | tor-cc0342a2ae4264c5b8796e2731a51272342bb8f4.tar.gz tor-cc0342a2ae4264c5b8796e2731a51272342bb8f4.zip | |
hs: Fix possible integer underflow with IP nodes
In rend_consider_services_intro_points(), we had a possible interger underflow
which could lead to creating a very large number of intro points. We had a
safe guard against that *except* if the expiring_nodes list was not empty
which is realistic thing.
This commit removes the check on the expiring nodes length being zero. It's
not because we have an empty list of expiring nodes that we don't want to open
new IPs. Prior to this check, we remove invalid IP nodes from the main list of
a service so it should be the only thing to look at when deciding if we need
to create new IP(s) or not.
Partially fixes #21302.
Signed-off-by: David Goulet <dgoulet@torproject.org>
| -rw-r--r-- | src/or/rendservice.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 00f251588c..5514de6f06 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -4072,17 +4072,17 @@ rend_consider_services_intro_points(void) /* Avoid mismatched signed comparaison below. */ intro_nodes_len = (unsigned int) smartlist_len(service->intro_nodes); - /* Quiescent state, no node expiring and we have more or the amount of - * wanted node for this service. Proceed to the next service. Could be - * more because we launch two preemptive circuits if our intro nodes - * list is empty. */ - if (smartlist_len(service->expiring_nodes) == 0 && - intro_nodes_len >= service->n_intro_points_wanted) { + /* Quiescent state, we have more or the equal amount of wanted node for + * this service. Proceed to the next service. We can have more nodes + * because we launch extra preemptive circuits if our intro nodes list was + * originally empty for performance reasons. */ + if (intro_nodes_len >= service->n_intro_points_wanted) { continue; } - /* Number of intro points we want to open which is the wanted amount - * minus the current amount of valid nodes. */ + /* Number of intro points we want to open which is the wanted amount minus + * the current amount of valid nodes. We know that this won't underflow + * because of the check above. */ n_intro_points_to_open = service->n_intro_points_wanted - intro_nodes_len; if (intro_nodes_len == 0) { /* We want to end up with n_intro_points_wanted intro points, but if |