premiere
/
premiere-libtorrent
2
2
Fork 1
Code Issues Pull Requests Releases Wiki Activity

use a more restrictive limit on number of pieces allowed in a torrent

This commit is contained in:
arvidn 2019-04-02 11:01:05 +02:00 committed by Arvid Norberg
parent 33463a3ef5
commit 5b021a849e
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@ -1,3 +1,4 @@
* tighten up various input validation checks
* fix create_torrent python binding * fix create_torrent python binding
* update symlinks to conform to BEP 47 * update symlinks to conform to BEP 47
* fix python bindings for peer_info * fix python bindings for peer_info

9
src/torrent_info.cpp
View File

@ -1066,8 +1066,15 @@ namespace {
return false; return false;
} }
// this is an arbitrary limit to avoid malicious torrents causing
// unreasaonably large allocations for the merkle hash tree
// the size of the tree would be max_pieces * sizeof(int) * 2
// which is about 6.3 MB with this limit
const int max_pieces = 0xC0000;
// we expect the piece hashes to be < 2 GB in size // we expect the piece hashes to be < 2 GB in size
if (files.num_pieces() >= std::numeric_limits<int>::max() / 20) if (files.num_pieces() >= std::numeric_limits<int>::max() / 20
|| files.num_pieces() > max_pieces)
{ {
ec = errors::too_many_pieces_in_torrent; ec = errors::too_many_pieces_in_torrent;
// mark the torrent as invalid // mark the torrent as invalid