aboutsummaryrefslogtreecommitdiff
path: root/changes
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2013-02-11 16:40:48 -0500
committerNick Mathewson <nickm@torproject.org>2013-02-11 16:46:38 -0500
commit719940df2bdfbd0f5ee02a9ca404f345d2fc49e8 (patch)
tree9e0a1eb4df791ee2265f413877f7d036493a8507 /changes
parent9b2bb901d7c306fd6ca28de527e86379470db89a (diff)
downloadtor-719940df2bdfbd0f5ee02a9ca404f345d2fc49e8.tar.gz
tor-719940df2bdfbd0f5ee02a9ca404f345d2fc49e8.zip
Fix a nigh-impossible overflow in cpuworker.c
When we compute the estimated microseconds we need to handle our pending onionskins, we could (in principle) overflow a uint32_t if we ever had 4 million pending onionskins before we had any data about how onionskins take. Nevertheless, let's compute it properly. Fixes bug 8210; bugfix on 0.2.4.10. Found by coverity; this is CID 980651.
Diffstat (limited to 'changes')
-rw-r--r--changes/bug82106
1 files changed, 6 insertions, 0 deletions
diff --git a/changes/bug8210 b/changes/bug8210
new file mode 100644
index 0000000000..85d41b844a
--- /dev/null
+++ b/changes/bug8210
@@ -0,0 +1,6 @@
+ o Minor bugfixes:
+ - Fix an impossible-to-trigger integer overflow when
+ estimating how long out onionskin queue would take. (This overflow
+ would require us to accept 4 million onionskins before processing
+ 100 of them.) Fixes bug 8210; bugfix on 0.2.4.10-alpha.
+