diff options
author | Nick Mathewson <nickm@torproject.org> | 2012-09-14 10:10:16 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2012-09-14 10:10:16 -0400 |
commit | 68caa834f4ed9cae16a551c9fc63ea982c9f1904 (patch) | |
tree | 9784ac5968911a08f9ed2298cb4aaaef1c1696d5 | |
parent | c8b98ba41ce37662cf14fdb3c6a74ae83b8b0bf8 (diff) | |
download | tor-68caa834f4ed9cae16a551c9fc63ea982c9f1904.tar tor-68caa834f4ed9cae16a551c9fc63ea982c9f1904.tar.gz |
document why we only allow 64 flags in votes
-rw-r--r-- | src/or/routerparse.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 496b90d4a..43a95e88c 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -3006,6 +3006,11 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out, } if (ns->type != NS_TYPE_CONSENSUS && smartlist_len(ns->known_flags) > MAX_KNOWN_FLAGS_IN_VOTE) { + /* If we allowed more than 64 flags in votes, then parsing them would make + * us invoke undefined behavior whenever we used 1<<flagnum to do a + * bit-shift. This is only for votes and opinions: consensus users don't + * care about flags they don't recognize, and so don't build a bitfield + * for them. */ log_warn(LD_DIR, "Too many known-flags in consensus vote or opinion"); goto err; } |