diff options
author | Nick Mathewson <nickm@torproject.org> | 2011-01-15 12:12:10 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2011-01-15 12:12:10 -0500 |
commit | 1fcfc186284a375bab2595162564f0dd6c1d19f0 (patch) | |
tree | 93ff838386a66b3d19f3bb89d15ac5193e076b4d /src/common | |
parent | d14b0d54d2469744266769d7e61135d1aa1c9c11 (diff) | |
download | tor-1fcfc186284a375bab2595162564f0dd6c1d19f0.tar.gz tor-1fcfc186284a375bab2595162564f0dd6c1d19f0.zip |
clean up message; explain a magic number in a comment
Diffstat (limited to 'src/common')
-rw-r--r-- | src/common/torgzip.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/src/common/torgzip.c b/src/common/torgzip.c index 7678668777..249151cc9b 100644 --- a/src/common/torgzip.c +++ b/src/common/torgzip.c @@ -58,9 +58,18 @@ method_bits(compress_method_t method) } /* These macros define the maximum allowable compression factor. Anything of - * size greater than <b>check_for_compression_bomb_after</b> is not allowed to + * size greater than CHECK_FOR_COMPRESSION_BOMB_AFTER is not allowed to * have an uncompression factor (uncompressed size:compressed size ratio) of - * any greater than MAX_UNCOMPRESSION_FACTOR. */ + * any greater than MAX_UNCOMPRESSION_FACTOR. + * + * Picking a value for MAX_UNCOMPRESSION_FACTOR is a trade-off: we want it to + * be small to limit the attack multiplier, but we also want it to be large + * enough so that no legitimate document --even ones we might invent in the + * future -- ever compresses by a factor of greater than + * MAX_UNCOMPRESSION_FACTOR. Within those parameters, there's a reasonably + * large range of possible values. IMO, anything over 8 is probably safe; IMO + * anything under 50 is probably sufficient. + */ #define MAX_UNCOMPRESSION_FACTOR 25 #define CHECK_FOR_COMPRESSION_BOMB_AFTER (1024*64) @@ -291,7 +300,7 @@ tor_gzip_uncompress(char **out, size_t *out_len, goto err; } if (is_compression_bomb(in_len, out_size)) { - log_warn(LD_GENERAL, "Input looks look a possible zlib bomb; " + log_warn(LD_GENERAL, "Input looks like a possible zlib bomb; " "not proceeding."); goto err; } |