[tor-commits] [tor/master] Fix integer overflow in the rate-limiter (#19435).

nickm at torproject.org nickm at torproject.org
Tue Jul 26 14:00:39 UTC 2016 

commit 77459b97aac15949c5160ca8abb9af792f02ac73
Author: Ivan Markin <twim at riseup.net>
Date:   Fri Jun 17 03:44:58 2016 +0000

    Fix integer overflow in the rate-limiter (#19435).
---
 changes/bug19435  |  6 ++++++
 src/common/util.c | 14 ++++++++++++--
 src/common/util.h |  1 +
 3 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/changes/bug19435 b/changes/bug19435
new file mode 100644
index 0000000..ccd916b
--- /dev/null
+++ b/changes/bug19435
@@ -0,0 +1,6 @@
+  o Major bugfixes (user interface):
+    - Fix an integer overflow in the rate-limiter that caused displaying of
+      wrong number of suppressed messages (if there are too many of them).
+      If the number of messages hits the limit of messages per interval the
+      rate-limiter drops a warning and doesn't count any further.
+      Fixes bug 19435.
diff --git a/src/common/util.c b/src/common/util.c
index 538aeb1..72efd89 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -1983,7 +1983,9 @@ update_approx_time(time_t now)
 
 /** If the rate-limiter <b>lim</b> is ready at <b>now</b>, return the number
  * of calls to rate_limit_is_ready (including this one!) since the last time
- * rate_limit_is_ready returned nonzero.  Otherwise return 0. */
+ * rate_limit_is_ready returned nonzero.  Otherwise return 0.
+ * If the call number hits <b>RATELIM_TOOMANY</b> limit, drop a warning
+ * about this event and stop counting. */
 static int
 rate_limit_is_ready(ratelim_t *lim, time_t now)
 {
@@ -1993,7 +1995,15 @@ rate_limit_is_ready(ratelim_t *lim, time_t now)
     lim->n_calls_since_last_time = 0;
     return res;
   } else {
-    ++lim->n_calls_since_last_time;
+    if (lim->n_calls_since_last_time < RATELIM_TOOMANY) {
+      ++lim->n_calls_since_last_time;
+    } else if (lim->n_calls_since_last_time == RATELIM_TOOMANY) {
+      log_warn(LD_GENERAL,
+        "Enormously large number of messages (%d). It's probably a bug.",
+        RATELIM_TOOMANY);
+      ++lim->n_calls_since_last_time;
+    }
+
     return 0;
   }
 }
diff --git a/src/common/util.h b/src/common/util.h
index 0d48eac..837d2e9 100644
--- a/src/common/util.h
+++ b/src/common/util.h
@@ -292,6 +292,7 @@ typedef struct ratelim_t {
 } ratelim_t;
 
 #define RATELIM_INIT(r) { (r), 0, 0 }
+#define RATELIM_TOOMANY (16*1000)
 
 char *rate_limit_log(ratelim_t *lim, time_t now);

More information about the tor-commits mailing list