Sanity-check consensus param values

We need to make sure that the worst thing that a weird consensus param can do to us is to break our Tor (and only if the other Tors are reliably broken in the same way) so that the majority of directory authorities can't pull any attacks that are worse than the DoS that they can trigger by simply shutting down. One of these worse things was the cbtnummodes parameter, which could lead to heap corruption on some systems if the value was sufficiently large. This commit fixes this particular issue and also introduces sanity checking for all consensus parameters.
author: Sebastian Hahn <sebastian@torproject.org> 2010-12-30 19:54:13 +0100
committer: Sebastian Hahn <sebastian@torproject.org> 2011-01-15 19:42:17 +0100
commit: 026e7987ad312a26efb926ae44adc158770de7cd (patch)
tree: 73a8e03bc137be9aa3aaa644ea5bc2e1a1586987 /src/or/router.c
parent: ca6c8136128eed09a33aeeddc6d11b58b4eb361b (diff)
download: tor-026e7987ad312a26efb926ae44adc158770de7cd.tar.gz
tor-026e7987ad312a26efb926ae44adc158770de7cd.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/src/or/router.c b/src/or/router.c
index 3bb37de8cf..26ac351fc4 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1068,7 +1068,7 @@ should_refuse_unknown_exits(or_options_t *options)
   if (options->RefuseUnknownExits_ != -1) {
     return options->RefuseUnknownExits_;
   } else {
-    return networkstatus_get_param(NULL, "refuseunknownexits", 1);
+    return networkstatus_get_param(NULL, "refuseunknownexits", 1, 0, 1);
   }
 }
author	Sebastian Hahn <sebastian@torproject.org>	2010-12-30 19:54:13 +0100
committer	Sebastian Hahn <sebastian@torproject.org>	2011-01-15 19:42:17 +0100
commit	026e7987ad312a26efb926ae44adc158770de7cd (patch)
tree	73a8e03bc137be9aa3aaa644ea5bc2e1a1586987 /src/or/router.c
parent	ca6c8136128eed09a33aeeddc6d11b58b4eb361b (diff)
download	tor-026e7987ad312a26efb926ae44adc158770de7cd.tar.gz tor-026e7987ad312a26efb926ae44adc158770de7cd.zip