[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Fix a signed integer overflow in dir/download_status_random_backoff
commit b7566d465f0299e97b46f40d746a1203257245d4
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Fri Jul 14 13:56:40 2017 -0400
Fix a signed integer overflow in dir/download_status_random_backoff
Fix for 22924. Bugfix on 0.2.9.1-alpha when the test was introducd
-- though it couldn't actually overflow until we fixed 17750.
Additionally, this only seems to overflow on 32-bit, and only when
the compiler doesn't re-order the (possibly dead) assignment out of
the way. We ran into it on a 32-bit ubuntu trusty builder.
---
changes/bug22924 | 4 ++++
src/test/test_dir.c | 4 +++-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/changes/bug22924 b/changes/bug22924
new file mode 100644
index 0000000..e59fc72
--- /dev/null
+++ b/changes/bug22924
@@ -0,0 +1,4 @@
+ o Minor bugfies (tests):
+ - Fix a signed-integer overflow in the unit tests for
+ dir/download_status_random_backoff, which was untriggered until we
+ fixed bug 17750. Fixes bug 22924; bugfix on 0.2.9.1-alpha.
diff --git a/src/test/test_dir.c b/src/test/test_dir.c
index 53911e8..729ae64 100644
--- a/src/test/test_dir.c
+++ b/src/test/test_dir.c
@@ -3657,12 +3657,14 @@ download_status_random_backoff_helper(int min_delay, int max_delay)
}
/* Advance */
- current_time += increment;
++(dls_random.n_download_attempts);
++(dls_random.n_download_failures);
/* Try another maybe */
old_increment = increment;
+ if (increment >= max_delay)
+ current_time += increment;
+
} while (increment < max_delay);
done:
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits