summaryrefslogtreecommitdiff
path: root/src/test/test_protover.c
diff options
context:
space:
mode:
authorIsis Lovecruft <isis@torproject.org>2018-03-27 21:34:00 +0000
committerIsis Lovecruft <isis@torproject.org>2018-04-02 19:20:37 +0000
commit22c65a0e4bc7da08e216a769bba1b91f7b2a0ca1 (patch)
tree576d94a88263a8f1a11cbd345f64a6ee503c08e1 /src/test/test_protover.c
parent6e353664dd7c7a362be82af578954797e348d298 (diff)
downloadtor-22c65a0e4bc7da08e216a769bba1b91f7b2a0ca1.tar.gz
tor-22c65a0e4bc7da08e216a769bba1b91f7b2a0ca1.zip
tests: Make inline comments in test_protover.c more accurate.
The DoS potential is slightly higher in C now due to some differences to the Rust code, see the C_RUST_DIFFERS tags in src/rust/protover/tests/protover.rs. Also, the comment about "failing at the splitting stage" in Rust wasn't true, since when we split, we ignore empty chunks (e.g. "1--1" parses into "(1,None),(None,1)" and "None" can't be parsed into an integer). Finally, the comment about "Rust seems to experience an internal error" is only true in debug mode, where u32s are bounds-checked at runtime. In release mode, code expressing the equivalent of this test will error with `Err(ProtoverError::Unparseable)` because 4294967295 is too large.
Diffstat (limited to 'src/test/test_protover.c')
-rw-r--r--src/test/test_protover.c8
1 files changed, 3 insertions, 5 deletions
diff --git a/src/test/test_protover.c b/src/test/test_protover.c
index 95cc5f083e..e7e17efe32 100644
--- a/src/test/test_protover.c
+++ b/src/test/test_protover.c
@@ -273,7 +273,7 @@ test_protover_all_supported(void *arg)
tt_str_op(msg, OP_EQ, "Link=6-12 Quokka=9000-9001");
tor_free(msg);
- /* CPU/RAM DoS loop: Rust only */
+ /* We shouldn't be able to DoS ourselves parsing a large range. */
tt_assert(! protover_all_supported("Sleen=0-2147483648", &msg));
tt_str_op(msg, OP_EQ, "Sleen=0-2147483648");
tor_free(msg);
@@ -546,8 +546,6 @@ test_protover_vote_roundtrip(void *args)
{ "Link=1,9-8,3", NULL },
{ "Faux=-0", NULL },
{ "Faux=0--0", NULL },
- // "These fail at the splitting stage in Rust, but the number parsing
- // stage in C."
{ "Faux=-1", NULL },
{ "Faux=-1-3", NULL },
{ "Faux=1--1", NULL },
@@ -556,9 +554,9 @@ test_protover_vote_roundtrip(void *args)
/* Large range */
{ "Sleen=1-501", "Sleen=1-501" },
{ "Sleen=1-65537", NULL },
- /* CPU/RAM DoS Loop: Rust only. */
+ /* Both C/Rust implementations should be able to handle this mild DoS. */
{ "Sleen=0-2147483648", NULL },
- /* Rust seems to experience an internal error here. */
+ /* Rust tests are built in debug mode, so ints are bounds-checked. */
{ "Sleen=0-4294967295", NULL },
};
unsigned u;