Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
T
Tor
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 1,067
    • Issues 1,067
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 20
    • Merge Requests 20
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • The Tor Project
  • Core
  • Tor
  • Issues
  • #2352

Closed
Open
Opened Jan 05, 2011 by Roger Dingledine@armaReporter

more size_t_ceiling fun

<doorss> need to replace "if (tok->object_size >= INT_MAX) {"
<doorss> with "if (tok->object_size >= SIZE_T_CEILING || tok->object_size >= INT_MAX) {"
<doorss> for two places.
<doorss> if it can be >= INT_MAX it can be INT_MAX - 1 too.
<doorss> "tok->object_body = ALLOC(next-*s); /* really, this is too much RAM. */" is fragile too. no checks, utill assert.

> doorss: which branch are you looking at?
<doorss> it was master.

<doorss> "if (tok->object_size >= INT_MAX)" mostly about cast to int. but if size can be such big (no assert here) so need to check for SIZE_T_CEILING.
<doorss> it prevents overflow underflow and another truncates during "sig->signature_len = (int) tok->object_size"
<doorss> SIZE_T_CEILING < INT_MAX for 32bit size_t
<doorss> if tok->object_size == INT_MAX - 1 then "sig->signature = tor_memdup(tok->object_body, tok->object_size)" trigger assert for 32 bit.
<doorss> we can't just replace INT_MAX with SIZE_T_CEILING. for 64 bit.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None
Reference: tpo/core/tor#2352