From ad2375ffe9cfcf5a7bd50bd15deeb598b14f45aa Mon Sep 17 00:00:00 2001 From: sudden6 Date: Sun, 4 Dec 2022 22:57:09 +0100 Subject: [PATCH 1/6] fix: potential endless loop under extremely high load If there are more connections waiting to be accepted than MAX_INCOMING_CONNECTIONS existing accepted connections are overwritten. --- other/bootstrap_daemon/docker/tox-bootstrapd.sha256 | 2 +- toxcore/TCP_server.c | 13 ++++++++----- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/other/bootstrap_daemon/docker/tox-bootstrapd.sha256 b/other/bootstrap_daemon/docker/tox-bootstrapd.sha256 index 4a40c693fc..217df1560d 100644 --- a/other/bootstrap_daemon/docker/tox-bootstrapd.sha256 +++ b/other/bootstrap_daemon/docker/tox-bootstrapd.sha256 @@ -1 +1 @@ -5cf49ad258527f6a2734a9d1f863084f66189338f47ca9d0a49482b4217577fb /usr/local/bin/tox-bootstrapd +2f7cc0e1acb07697f55fce064328e8193e54bd20189370b0c56c3b2264bdfa24 /usr/local/bin/tox-bootstrapd diff --git a/toxcore/TCP_server.c b/toxcore/TCP_server.c index 6b81322687..ecd557d1b2 100644 --- a/toxcore/TCP_server.c +++ b/toxcore/TCP_server.c @@ -1033,12 +1033,15 @@ TCP_Server *new_TCP_server(const Logger *logger, const Random *rng, const Networ non_null() static void do_TCP_accept_new(TCP_Server *tcp_server) { - for (uint32_t i = 0; i < tcp_server->num_listening_socks; ++i) { - Socket sock; + for (uint32_t sock_idx = 0; sock_idx < tcp_server->num_listening_socks; ++sock_idx) { + + for (uint32_t connection_idx = 0; connection_idx < MAX_INCOMING_CONNECTIONS; ++connection_idx) { + const Socket sock = net_accept(tcp_server->ns, tcp_server->socks_listening[sock_idx]); - do { - sock = net_accept(tcp_server->ns, tcp_server->socks_listening[i]); - } while (accept_connection(tcp_server, sock) != -1); + if (accept_connection(tcp_server, sock) == -1) { + break; + } + } } } #endif From 3fa85e5322f36109f50b3d3128db9f60caeee28d Mon Sep 17 00:00:00 2001 From: sudden6 Date: Thu, 8 Dec 2022 12:16:32 +0100 Subject: [PATCH 2/6] chore: disable tests on appveyor --- appveyor.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/appveyor.yml b/appveyor.yml index 9dd3f8ed5c..609753a344 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -19,12 +19,12 @@ for: only: - job_name: static before_build: - - conan install -if _build -o with_tests=True . + - conan install -if _build -o with_tests=False . - matrix: only: - job_name: shared before_build: - - conan install -if _build -o with_tests=True -o shared=True . + - conan install -if _build -o with_tests=False -o shared=True . build_script: - set CONAN_CPU_COUNT=50 From 26ce30d8524c178797babaae42e16da4a20c338d Mon Sep 17 00:00:00 2001 From: sudden6 Date: Thu, 8 Dec 2022 12:45:53 +0100 Subject: [PATCH 3/6] fix: missmatch between declaration and definition --- toxcore/crypto_core.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/toxcore/crypto_core.c b/toxcore/crypto_core.c index f52282d027..14025252c4 100644 --- a/toxcore/crypto_core.c +++ b/toxcore/crypto_core.c @@ -176,7 +176,7 @@ bool crypto_memunlock(void *data, size_t length) #endif } -bool pk_equal(const uint8_t *pk1, const uint8_t *pk2) +bool pk_equal(const uint8_t pk1[CRYPTO_PUBLIC_KEY_SIZE], const uint8_t pk2[CRYPTO_PUBLIC_KEY_SIZE]) { #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION // Hope that this is better for the fuzzer @@ -186,7 +186,7 @@ bool pk_equal(const uint8_t *pk1, const uint8_t *pk2) #endif } -void pk_copy(uint8_t *dest, const uint8_t *src) +void pk_copy(uint8_t dest[CRYPTO_PUBLIC_KEY_SIZE], const uint8_t src[CRYPTO_PUBLIC_KEY_SIZE]) { memcpy(dest, src, CRYPTO_PUBLIC_KEY_SIZE); } @@ -484,7 +484,7 @@ void crypto_derive_public_key(uint8_t *public_key, const uint8_t *secret_key) crypto_scalarmult_curve25519_base(public_key, secret_key); } -void new_hmac_key(const Random *rng, uint8_t *key) +void new_hmac_key(const Random *rng, uint8_t key[CRYPTO_HMAC_KEY_SIZE]) { random_bytes(rng, key, CRYPTO_HMAC_KEY_SIZE); } From d5de4dc8788e1db136fea7f11e56b08a1cd7e09b Mon Sep 17 00:00:00 2001 From: sudden6 Date: Thu, 8 Dec 2022 12:57:37 +0100 Subject: [PATCH 4/6] fix: tcc needs integer as VLA size --- toxcore/TCP_common.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/toxcore/TCP_common.c b/toxcore/TCP_common.c index 5f3a17919e..a42faced1a 100644 --- a/toxcore/TCP_common.c +++ b/toxcore/TCP_common.c @@ -278,7 +278,7 @@ int read_packet_TCP_secure_connection( return -1; } - VLA(uint8_t, data_encrypted, *next_packet_length); + VLA(uint8_t, data_encrypted, (int) *next_packet_length); const int len_packet = read_TCP_packet(logger, ns, sock, data_encrypted, *next_packet_length, ip_port); if (len_packet == -1) { From ce36741c65585c91bb718cbfad8fccf177bb6110 Mon Sep 17 00:00:00 2001 From: sudden6 Date: Thu, 8 Dec 2022 13:07:20 +0100 Subject: [PATCH 5/6] fix: TCC doesn't now that abort() never returns --- toxcore/tox.c | 1 + 1 file changed, 1 insertion(+) diff --git a/toxcore/tox.c b/toxcore/tox.c index 6f2261fd3d..1cfc8af487 100644 --- a/toxcore/tox.c +++ b/toxcore/tox.c @@ -1121,6 +1121,7 @@ Tox_Connection tox_self_get_connection_status(const Tox *tox) } LOGGER_FATAL(tox->m->log, "impossible return value: %d", ret); + return TOX_CONNECTION_NONE; } From 873896058fa14912165ea59afab48b461701cd38 Mon Sep 17 00:00:00 2001 From: sudden6 Date: Thu, 8 Dec 2022 13:16:14 +0100 Subject: [PATCH 6/6] chore: update tox-boostrapd hash --- other/bootstrap_daemon/docker/tox-bootstrapd.sha256 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/other/bootstrap_daemon/docker/tox-bootstrapd.sha256 b/other/bootstrap_daemon/docker/tox-bootstrapd.sha256 index 217df1560d..9f94d6b33a 100644 --- a/other/bootstrap_daemon/docker/tox-bootstrapd.sha256 +++ b/other/bootstrap_daemon/docker/tox-bootstrapd.sha256 @@ -1 +1 @@ -2f7cc0e1acb07697f55fce064328e8193e54bd20189370b0c56c3b2264bdfa24 /usr/local/bin/tox-bootstrapd +1fadb7de1ccf46186e33c13343e2c67f4c84e78fadfbfbbc8f3ce70e670907f2 /usr/local/bin/tox-bootstrapd