#30920: Detect uint64 overflow in config_parse_units() ---------------------------+------------------------------------ Reporter: nickm | Owner: (none) Type: defect | Status: needs_revision Priority: Low | Milestone: Tor: 0.4.3.x-final Component: Core Tor/Tor | Version: Severity: Minor | Resolution: Keywords: easy overflow | Actual Points: Parent ID: | Points: Reviewer: teor | Sponsor: ---------------------------+------------------------------------
Comment (by guigom): I've updated the PR. Replying to [comment:16 teor]: > Let's check that the value is less than INT64_MAX? > And let's check the result of the float multiplication, *before* we cast it to a uint64_t. > (We want to use a value that's significantly lower than UINT64_MAX, so that floating point calculations can't change the result.) Not sure if I got it right, waiting for an OK because I ended up writing the same block for the float as the uint case. INT64_MAX use_float before casting check: [https://github.com/torproject/tor/pull/1338/commits/7439c8ac421a3f4dba6c3d469bc6bc7e2ca86888 #diff-3ae70660df167ed2300a9455223be6a9R146] Sorry this is taking this much time. It's been hard finding some free time lately, sorry for any inconvenience. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30920#comment:18> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs