Add a 30-day maximum on user-supplied MaxCircuitDirtiness

Fix for bug 9543.
2013-08-21 11:35:00 -04:00 · 2013-08-21 11:35:00 -04:00 · af7970b6bc
parent edaea773e5
commit af7970b6bc
2 changed files with 14 additions and 0 deletions
--- a/changes/bug9543
+++ b/changes/bug9543
@ -0,0 +1,4 @@
+  o Minor bugfixes:
+    - Avoid overflows when the user sets MaxCircuitDirtiness to a
+      ridiculously high value, by imposing a (ridiculously high) 30-day
+      maximum on MaxCircuitDirtiness.
--- a/src/or/config.c
+++ b/src/or/config.c
@ -2266,6 +2266,10 @@ compute_publishserverdescriptor(or_options_t *options)
 * will generate too many circuits and potentially overload the network. */
 #define MIN_MAX_CIRCUIT_DIRTINESS 10

+/** Highest allowable value for MaxCircuitDirtiness: prevents time_t
+ * overflows. */
+#define MAX_MAX_CIRCUIT_DIRTINESS (30*24*60*60)
+
 /** Lowest allowable value for CircuitStreamTimeout; if this is too low, Tor
 * will generate too many circuits and potentially overload the network. */
 #define MIN_CIRCUIT_STREAM_TIMEOUT 10
@ -2786,6 +2790,12 @@ options_validate(or_options_t *old_options, or_options_t *options,
    options->MaxCircuitDirtiness = MIN_MAX_CIRCUIT_DIRTINESS;
  }

+  if (options->MaxCircuitDirtiness > MAX_MAX_CIRCUIT_DIRTINESS) {
+    log_warn(LD_CONFIG, "MaxCircuitDirtiness option is too high; "
+             "setting to %d days.", MAX_MAX_CIRCUIT_DIRTINESS/86400);
+    options->MaxCircuitDirtiness = MAX_MAX_CIRCUIT_DIRTINESS;
+  }
+
  if (options->CircuitStreamTimeout &&
      options->CircuitStreamTimeout < MIN_CIRCUIT_STREAM_TIMEOUT) {
    log_warn(LD_CONFIG, "CircuitStreamTimeout option is too short; "