[tor-commits] [tor/maint-0.2.9] Avoid integer overflow in delay calculation.
nickm at torproject.org
nickm at torproject.org
Mon Nov 7 16:02:23 UTC 2016
commit 1fdf6e5814ae50ed93338644f97c65b497463141
Author: Nick Mathewson <nickm at torproject.org>
Date: Mon Nov 7 09:58:29 2016 -0500
Avoid integer overflow in delay calculation.
---
src/or/directory.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/src/or/directory.c b/src/or/directory.c
index d1333a8..f83f622 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -3796,11 +3796,15 @@ next_random_exponential_delay(int delay, int max_delay)
/* How much are we willing to add to the delay? */
int max_increment;
+ const int multiplier = 4; /* no more than quintuple. */
- if (delay)
- max_increment = delay * 4; /* no more than quintuple. */
- else
+ if (delay && delay < (INT_MAX-1) / multiplier) {
+ max_increment = delay * multiplier;
+ } else if (delay) {
+ max_increment = INT_MAX-1;
+ } else {
max_increment = 1; /* we're always willing to slow down a little. */
+ }
/* the + 1 here is so that we include the end of the interval */
int increment = crypto_rand_int(max_increment+1);
More information about the tor-commits
mailing list