github
/
mosquitto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Limit bridge restart base and cap to prevent integer overflow.

Browse Source 
Non-critical.

Closes oss-fuzz #56302.
pull/2768/head
Roger A. Light 3 years ago
parent 77b5dfb770
commit 385ddd7d86
3 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File

4
man/mosquitto.conf.5.xml
Unescape Escape View File

@ -2151,7 +2151,9 @@ openssl dhparam -out dhparam.pem 2048</programlisting>
<replaceable>base</replaceable> after a successful connection. <replaceable>base</replaceable> after a successful connection.
When <replaceable>stable</replaceable> is specified, the backoff time When <replaceable>stable</replaceable> is specified, the backoff time
will be reset only if the connection remains open for at least will be reset only if the connection remains open for at least
<replaceable>stable</replaceable> seconds.</para> <replaceable>stable</replaceable> seconds. Base has a minimum of 1 second
and a maximum of 3600 seconds. Cap has a minimum of base, and a maximum of
7200 seconds.</para>
<para>Set a constant timeout of 20 seconds:</para> <para>Set a constant timeout of 20 seconds:</para>
<programlisting language="config"> <programlisting language="config">
restart_timeout 20</programlisting> restart_timeout 20</programlisting>

1
mosquitto.conf
Unescape Escape View File

@ -873,6 +873,7 @@
# This option can be configured to use a constant delay time in seconds, or to # This option can be configured to use a constant delay time in seconds, or to
# use a backoff mechanism based on "Decorrelated Jitter", which adds a degree # use a backoff mechanism based on "Decorrelated Jitter", which adds a degree
# of randomness to when the restart occurs. # of randomness to when the restart occurs.
# Minimum of 1, maximum of 3600
# #
# Set a constant timeout of 20 seconds: # Set a constant timeout of 20 seconds:
# restart_timeout 20 # restart_timeout 20

6
src/conf.c
Unescape Escape View File

@ -2176,6 +2176,9 @@ static int config__read_file_core(struct mosquitto__config *config, bool reload,
if(cur_bridge->restart_timeout < 1){ if(cur_bridge->restart_timeout < 1){
log__printf(NULL, MOSQ_LOG_NOTICE, "restart_timeout interval too low, using 1 second."); log__printf(NULL, MOSQ_LOG_NOTICE, "restart_timeout interval too low, using 1 second.");
cur_bridge->restart_timeout = 1; cur_bridge->restart_timeout = 1;
}else if(cur_bridge->restart_timeout > 3600){
log__printf(NULL, MOSQ_LOG_NOTICE, "restart_timeout interval too high, using 3600 seconds.");
cur_bridge->restart_timeout = 3600;
} }
token = strtok_r(NULL, " ", &saveptr); token = strtok_r(NULL, " ", &saveptr);
if(token){ if(token){
@ -2184,6 +2187,9 @@ static int config__read_file_core(struct mosquitto__config *config, bool reload,
if(cur_bridge->backoff_cap < cur_bridge->backoff_base){ if(cur_bridge->backoff_cap < cur_bridge->backoff_base){
log__printf(NULL, MOSQ_LOG_ERR, "Error: backoff cap is lower than the base in restart_timeout."); log__printf(NULL, MOSQ_LOG_ERR, "Error: backoff cap is lower than the base in restart_timeout.");
return MOSQ_ERR_INVAL; return MOSQ_ERR_INVAL;
}else if(cur_bridge->backoff_cap > 7200){
log__printf(NULL, MOSQ_LOG_ERR, "Error: backoff cap too high, using 7200 seconds.");
cur_bridge->backoff_cap = 7200;
} }
token = strtok_r(NULL, " ", &saveptr); token = strtok_r(NULL, " ", &saveptr);

Write Preview
Loading…
Cancel
Save