search

rakshasa / libtorrent

libTorrent BitTorrent library
http://rtorrent.net/downloads/
GNU General Public License v2.0
894 stars 208 forks source link

internal error during metadownload if peer set metadata_size too large #124

Closed ghost closed 7 years ago

ghost commented 8 years ago

During a meta download a peer specifies the length of the metadata via the key metadata_size. A peer can send a very large (or negative) number as the metadata_size. When the client attempts to check how many bytes it has left for this file an internal error is thrown. Attempting to remove the torrent will cause FileList::bytes_left to be called.

Extension Handshake Setting metadata_size to -1:

d1:md11:ut_metadatai3ee13:metadata_sizei-1ee
FileList::left_bytes
...
  uint64_t left = size_bytes() - completed_bytes();
  if (left > ((uint64_t)1 << 60))
    throw internal_error("FileList::bytes_left() is too large.", data()->hash());
...
(gdb) p size_bytes()
$1 = 107339822789768
Caught internal_error: FileList::bytes_left() is too large. [#FB88BA396DD408BCE51F41AEAA71BE695F60FA87]
/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.3/libasan.so.1(backtrace+0x49) [0x7effcff5daf9]
/usr/local/lib64/libtorrent.so.19(_ZN7torrent14internal_error10initializeERKSs+0xd4) [0x7effd177b074]
/usr/local/lib64/libtorrent.so.19(_ZN7torrent14internal_errorC2EPKcRKNS_10HashStringE+0xeb) [0x7effd17bdf3b]
/usr/local/lib64/libtorrent.so.19(_ZNK7torrent8FileList10left_bytesEv+0xef) [0x7effd17b7aaf]
/usr/local/lib64/libtorrent.so.19(_ZNSt5_BindIFSt7_Mem_fnIMN7torrent8FileListEKFmvEEPS2_EE6__callImIEILm0EEEET_OSt5tupleIIDpT0_EESt12_Index_tupleIIXspT1_EEE+0x40) [0x7effd1892580]
/usr/local/lib64/libtorrent.so.19(_ZNSt5_BindIFSt7_Mem_fnIMN7torrent8FileListEKFmvEEPS2_EEclIIEmEET0_DpOT_+0x20) [0x7effd18925c0]
/usr/local/lib64/libtorrent.so.19(+0x29a710) [0x7effd18ec710]
/usr/local/lib64/libtorrent.so.19(_ZN7torrent11TrackerList10send_stateEPNS_7TrackerEi+0x15c) [0x7effd179ec7c]
/usr/local/lib64/libtorrent.so.19(_ZN7torrent17TrackerController15send_stop_eventEv+0x293) [0x7effd179c893]
/usr/local/lib64/libtorrent.so.19(_ZN7torrent8Download4stopEi+0x1a4) [0x7effd17750f4]
rtorrent() [0x553acb]
rtorrent() [0x49363d]
rtorrent() [0x495362]
rtorrent() [0x4953ea]
rtorrent() [0x495456]
rtorrent() [0x5aae95]
rtorrent() [0x5aaf14]
rtorrent() [0x5aeb38]
rtorrent() [0x5b072f]
rtorrent() [0x5c450f]