Avoid integer overflow in delay calculation.

author Nick Mathewson <nickm@torproject.org>

Mon, 7 Nov 2016 14:58:29 +0000 (09:58 -0500)

committer Nick Mathewson <nickm@torproject.org>

Mon, 7 Nov 2016 16:01:21 +0000 (11:01 -0500)
author Nick Mathewson <nickm@torproject.org>
Mon, 7 Nov 2016 14:58:29 +0000 (09:58 -0500)
committer Nick Mathewson <nickm@torproject.org>
Mon, 7 Nov 2016 16:01:21 +0000 (11:01 -0500)
diff --git a/src/or/directory.c b/src/or/directory.c

index d1333a86661054e9bec5813e73af3dcb748c2639..f83f6220302a63819193c024a069b42368b7941e 100644 (file)
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -3796,11 +3796,15 @@ next_random_exponential_delay(int delay, int max_delay)
  
    /* How much are we willing to add to the delay? */
    int max_increment;
+  const int multiplier = 4; /* no more than quintuple. */
  
-  if (delay)
-    max_increment = delay * 4; /* no more than quintuple. */
-  else
+  if (delay && delay < (INT_MAX-1) / multiplier) {
+    max_increment = delay * multiplier;
+  } else if (delay) {
+    max_increment = INT_MAX-1;
+  } else {
      max_increment = 1; /* we're always willing to slow down a little. */
+  }
  
    /* the + 1 here is so that we include the end of the interval */
    int increment = crypto_rand_int(max_increment+1);
author	Nick Mathewson <nickm@torproject.org>
	Mon, 7 Nov 2016 14:58:29 +0000 (09:58 -0500)
committer	Nick Mathewson <nickm@torproject.org>
	Mon, 7 Nov 2016 16:01:21 +0000 (11:01 -0500)