[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #18479 [Tor]: Avoid overflow in tor_timegm when time_t is 32 bit
#18479: Avoid overflow in tor_timegm when time_t is 32 bit
-------------------------------------------------+-------------------------
Reporter: teor | Owner: asn
Type: defect | Status:
Priority: Medium | needs_review
Component: Tor | Milestone: Tor:
Severity: Normal | 0.2.8.x-final
Keywords: needs-merge integer-overflow | Version: Tor:
security-maybe must-fix-before-028-rc | unspecified
Parent ID: | Resolution:
Reviewer: | Actual Points:
| Points:
| Sponsor:
-------------------------------------------------+-------------------------
Changes (by teor):
* keywords: integer-overflow security-maybe must-fix-before-028-rc =>
needs-merge integer-overflow security-maybe must-fix-before-028-rc
Comment:
Replying to [comment:6 asn]:
> Patch looks good. I addressed both comments by Nick in my branch
`timegm_overflow`.
>
> I also changed the assert to a simple check. I agree that `seconds`
should only take positive values, however I opted for explicitly checking
for it, in case there is any other unexpected overflows in the
calculations above.
Seems good. I have reviewed the fixup commit and think it's ready for
merge.
>
> Unfortunately, I don't have a 32-bit box to actually test the overflow.
Tests pass fine in my 64-bit box.
I have a 64-bit box that builds and runs i386.
All unit tests pass on 64 and 32 bit. They also pass with `-ftrapv` on 64
and 32 bit.
Let's get this merged. And thanks for taking this over!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18479#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs