diff options
| -rw-r--r-- | changes/bug27649 | 4 | ||||
| -rw-r--r-- | src/rust/protover/protoset.rs | 17 | ||||
| -rw-r--r-- | src/rust/protover/protover.rs | 4 | ||||
| -rw-r--r-- | src/rust/protover/tests/protover.rs | 14 | ||||
| -rw-r--r-- | src/test/test_protover.c | 22 |
5 files changed, 32 insertions, 29 deletions
diff --git a/changes/bug27649 b/changes/bug27649 new file mode 100644 index 0000000000..55bfc3a842 --- /dev/null +++ b/changes/bug27649 @@ -0,0 +1,4 @@ + o Minor bugfixes (rust): + - The protover rewrite in 24031 allowed repeated votes from the same + voter for the same protocol version to be counted multiple times in + protover_compute_vote(). Fixes bug 27649; bugfix on 0.3.3.5-rc. diff --git a/src/rust/protover/protoset.rs b/src/rust/protover/protoset.rs index 027dfba203..b99e1a99f7 100644 --- a/src/rust/protover/protoset.rs +++ b/src/rust/protover/protoset.rs @@ -174,7 +174,7 @@ impl ProtoSet { if low == u32::MAX || high == u32::MAX { return Err(ProtoverError::ExceedsMax); } - if low < last_high { + if low <= last_high { return Err(ProtoverError::Overlap); } else if low > high { return Err(ProtoverError::LowGreaterThanHigh); @@ -520,7 +520,6 @@ mod test { test_protoset_contains_versions!(&[1], "1"); test_protoset_contains_versions!(&[1, 2], "1,2"); test_protoset_contains_versions!(&[1, 2, 3], "1-3"); - test_protoset_contains_versions!(&[0, 1], "0-1"); test_protoset_contains_versions!(&[1, 2, 5], "1-2,5"); test_protoset_contains_versions!(&[1, 3, 4, 5], "1,3-5"); test_protoset_contains_versions!(&[42, 55, 56, 57, 58], "42,55-58"); @@ -587,9 +586,9 @@ mod test { #[test] fn test_protoset_contains() { - let protoset: ProtoSet = ProtoSet::from_slice(&[(0, 5), (7, 9), (13, 14)]).unwrap(); + let protoset: ProtoSet = ProtoSet::from_slice(&[(1, 5), (7, 9), (13, 14)]).unwrap(); - for x in 0..6 { assert!(protoset.contains(&x), format!("should contain {}", x)); } + for x in 1..6 { assert!(protoset.contains(&x), format!("should contain {}", x)); } for x in 7..10 { assert!(protoset.contains(&x), format!("should contain {}", x)); } for x in 13..15 { assert!(protoset.contains(&x), format!("should contain {}", x)); } @@ -599,10 +598,10 @@ mod test { } #[test] - fn test_protoset_contains_0_3() { - let protoset: ProtoSet = ProtoSet::from_slice(&[(0, 3)]).unwrap(); + fn test_protoset_contains_1_3() { + let protoset: ProtoSet = ProtoSet::from_slice(&[(1, 3)]).unwrap(); - for x in 0..4 { assert!(protoset.contains(&x), format!("should contain {}", x)); } + for x in 1..4 { assert!(protoset.contains(&x), format!("should contain {}", x)); } } macro_rules! assert_protoset_from_vec_contains_all { @@ -622,8 +621,8 @@ mod test { } #[test] - fn test_protoset_from_vec_0_315() { - assert_protoset_from_vec_contains_all!(0, 1, 2, 3, 15); + fn test_protoset_from_vec_1_315() { + assert_protoset_from_vec_contains_all!(1, 2, 3, 15); } #[test] diff --git a/src/rust/protover/protover.rs b/src/rust/protover/protover.rs index d6ed2739fe..d6a5ad34be 100644 --- a/src/rust/protover/protover.rs +++ b/src/rust/protover/protover.rs @@ -852,10 +852,10 @@ mod test { #[test] fn test_protoentry_all_supported_unsupported_low_version() { - let protocols: UnvalidatedProtoEntry = "Cons=0-1".parse().unwrap(); + let protocols: UnvalidatedProtoEntry = "HSIntro=2-3".parse().unwrap(); let unsupported: Option<UnvalidatedProtoEntry> = protocols.all_supported(); assert_eq!(true, unsupported.is_some()); - assert_eq!("Cons=0", &unsupported.unwrap().to_string()); + assert_eq!("HSIntro=2", &unsupported.unwrap().to_string()); } #[test] diff --git a/src/rust/protover/tests/protover.rs b/src/rust/protover/tests/protover.rs index 2db01a1634..59a4b5a8a0 100644 --- a/src/rust/protover/tests/protover.rs +++ b/src/rust/protover/tests/protover.rs @@ -106,10 +106,10 @@ fn protocol_all_supported_with_unsupported_versions() { #[test] fn protocol_all_supported_with_unsupported_low_version() { - let protocols: UnvalidatedProtoEntry = "Cons=0-1".parse().unwrap(); + let protocols: UnvalidatedProtoEntry = "HSIntro=2-3".parse().unwrap(); let unsupported: Option<UnvalidatedProtoEntry> = protocols.all_supported(); assert_eq!(true, unsupported.is_some()); - assert_eq!("Cons=0", &unsupported.unwrap().to_string()); + assert_eq!("HSIntro=2", &unsupported.unwrap().to_string()); } #[test] @@ -354,18 +354,18 @@ fn protover_all_supported_should_exclude_some_versions_and_entire_protocols() { #[test] fn protover_all_supported_should_not_dos_anyones_computer() { - let proto: UnvalidatedProtoEntry = "Sleen=0-2147483648".parse().unwrap(); + let proto: UnvalidatedProtoEntry = "Sleen=1-2147483648".parse().unwrap(); let result: String = proto.all_supported().unwrap().to_string(); - assert_eq!(result, "Sleen=0-2147483648".to_string()); + assert_eq!(result, "Sleen=1-2147483648".to_string()); } #[test] fn protover_all_supported_should_not_dos_anyones_computer_max_versions() { - let proto: UnvalidatedProtoEntry = "Sleen=0-4294967294".parse().unwrap(); + let proto: UnvalidatedProtoEntry = "Sleen=1-4294967294".parse().unwrap(); let result: String = proto.all_supported().unwrap().to_string(); - assert_eq!(result, "Sleen=0-4294967294".to_string()); + assert_eq!(result, "Sleen=1-4294967294".to_string()); } #[test] @@ -388,7 +388,7 @@ fn protover_unvalidatedprotoentry_should_err_entirely_unparseable_things() { #[test] fn protover_all_supported_over_maximum_limit() { - let proto: Result<UnvalidatedProtoEntry, ProtoverError> = "Sleen=0-4294967295".parse(); + let proto: Result<UnvalidatedProtoEntry, ProtoverError> = "Sleen=1-4294967295".parse(); assert_eq!(Err(ProtoverError::ExceedsMax), proto); } diff --git a/src/test/test_protover.c b/src/test/test_protover.c index 70b7c9a85f..15c5febe0b 100644 --- a/src/test/test_protover.c +++ b/src/test/test_protover.c @@ -290,13 +290,13 @@ test_protover_all_supported(void *arg) tor_free(msg); /* We shouldn't be able to DoS ourselves parsing a large range. */ - tt_assert(! protover_all_supported("Sleen=0-2147483648", &msg)); - tt_str_op(msg, OP_EQ, "Sleen=0-2147483648"); + tt_assert(! protover_all_supported("Sleen=1-2147483648", &msg)); + tt_str_op(msg, OP_EQ, "Sleen=1-2147483648"); tor_free(msg); /* This case is allowed. */ - tt_assert(! protover_all_supported("Sleen=0-4294967294", &msg)); - tt_str_op(msg, OP_EQ, "Sleen=0-4294967294"); + tt_assert(! protover_all_supported("Sleen=1-4294967294", &msg)); + tt_str_op(msg, OP_EQ, "Sleen=1-4294967294"); tor_free(msg); /* If we get a (barely) valid (but unsupported list, we say "yes, that's @@ -313,7 +313,7 @@ test_protover_all_supported(void *arg) /* If we get a completely unparseable list, protover_all_supported should * hit a fatal assertion for BUG(entries == NULL). */ tor_capture_bugs_(1); - tt_assert(protover_all_supported("Sleen=0-4294967295", &msg)); + tt_assert(protover_all_supported("Sleen=1-4294967295", &msg)); tor_end_capture_bugs_(); /* Protocol name too long */ @@ -548,11 +548,11 @@ test_protover_vote_roundtrip(void *args) { "Zn=4294967295-1", NULL }, { "Zn=4294967293-4294967295", NULL }, /* Will fail because of 4294967295. */ - { "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,900 Zn=0,4294967295", + { "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,900 Zn=1,4294967295", NULL }, - { "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,900 Zn=0,4294967294", - "Bar=3 Foo=1,3 Quux=9-12,14-16,900 Zn=0,4294967294" }, - { "Zu16=0,65536", "Zu16=0,65536" }, + { "Foo=1,3 Bar=3 Baz= Quux=9-12,14,15-16,900 Zn=1,4294967294", + "Bar=3 Foo=1,3 Quux=9-12,14-16,900 Zn=1,4294967294" }, + { "Zu16=1,65536", "Zu16=1,65536" }, { "N-1=1,2", "N-1=1-2" }, { "-1=4294967295", NULL }, { "-1=3", "-1=3" }, @@ -581,9 +581,9 @@ test_protover_vote_roundtrip(void *args) { "Sleen=1-501", "Sleen=1-501" }, { "Sleen=1-65537", NULL }, /* Both C/Rust implementations should be able to handle this mild DoS. */ - { "Sleen=0-2147483648", NULL }, + { "Sleen=1-2147483648", NULL }, /* Rust tests are built in debug mode, so ints are bounds-checked. */ - { "Sleen=0-4294967295", NULL }, + { "Sleen=1-4294967295", NULL }, }; unsigned u; smartlist_t *votes = smartlist_new(); |