summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@torproject.org>2019-01-24 10:52:08 -0500
committerNick Mathewson <nickm@torproject.org>2019-02-21 10:07:34 -0500
commitbe84ed1a64ed7ce810bd3924fa96c2588b491ef5 (patch)
tree25e06252ddbb757d9b876e9079b4942d6e6c271d /src
parent41c2bf590b49e72ba9e9f5818cdbca6bc6069eab (diff)
downloadtor-be84ed1a64ed7ce810bd3924fa96c2588b491ef5.tar.gz
tor-be84ed1a64ed7ce810bd3924fa96c2588b491ef5.zip
kist: Don't write above the highwater outbuf mark
KIST works by computing how much should be allowed to write to the kernel for a given socket, and then it writes that amount to the outbuf. The problem is that it could be possible that the outbuf already has lots of data in it from a previous scheduling round (because the kernel is full/busy and Tor was not able to flush the outbuf yet). KIST ignores that the outbuf has been filling (is above its "highwater") and writes more anyway. The end result is that the outbuf length would exceed INT_MAX, hence causing an assertion error and a corresponding "Bug()" message to get printed to the logs. This commit makes it for KIST to take into account the outbuf length when computing the available space. Bug found and patch by Rob Jansen. Closes #29168. TROVE-2019-001. Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src')
-rw-r--r--src/or/scheduler_kist.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/or/scheduler_kist.c b/src/or/scheduler_kist.c
index 6d6490077d..fb33a5d1d8 100644
--- a/src/or/scheduler_kist.c
+++ b/src/or/scheduler_kist.c
@@ -280,7 +280,7 @@ update_socket_info_impl, (socket_table_ent_t *ent))
extra_space =
clamp_double_to_int64(
(ent->cwnd * (int64_t)ent->mss) * sock_buf_size_factor) -
- ent->notsent;
+ ent->notsent - (int64_t)channel_outbuf_length((channel_t *) ent->chan);
if ((tcp_space + extra_space) < 0) {
/* This means that the "notsent" queue is just too big so we shouldn't put
* more in the kernel for now. */