Fix integer overflow in port allocation causing permanent allocation failure #1724
This PR fixes a critical issue where Coturn would permanently stop allocating ports after approximately 4 billion allocation/release operations due to uint32_t integer overflow.
Problem
The `_turnports` structure uses two `uint32_t` counters (`low` and `high`) to track port allocation state:
- `low` increments on each port allocation
- `high` increments on each port release
After ~4 billion operations, these counters would overflow. When `high` wraps around to a small value while `low` remains large, the condition `tp->high <= tp->low` in `turnports_allocate()` would become permanently true, preventing all future port allocations.
Solution
Changed the overflow-sensitive condition from:
To an overflow-safe condition using unsigned arithmetic:
This works correctly in all scenarios:
- `high=2000, low=1000` → `2000-1000=1000` (ports available)
- `high=low` → `high-low=0` (correctly identifies exhaustion)
- `high=100, low=4294967000` → `100-4294967000=large number` (correctly identifies available ports due to unsigned underflow)
Testing
The server can now handle unlimited allocation/release cycles without the cumulative limit issue.
Fixes #1649.
Warning
Firewall rules blocked me from connecting to one or more addresses
I tried to connect to the following addresses, but was blocked by firewall rules:
- esm.ubuntu.com /usr/lib/apt/methods/https (dns block)
If you need me to access, download, or install something from one of these locations, you can either:
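The counter behaviour described in the PR text above, as an added example that is not coturn's code or this PR's patch: it compares the ordered check `high <= low` with the distance `high - low` taken modulo 2^32 while both counters cross the wrap point. The struct, function names and starting values are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the two counters described above; not coturn's struct. */
struct port_counters {
    uint32_t low;   /* incremented on each allocation */
    uint32_t high;  /* incremented on each release */
};

/* Ordered comparison: wrong once `high` has wrapped past 2^32 and `low` has not. */
static int exhausted_ordered(const struct port_counters *c) {
    return c->high <= c->low;
}

/* Distance modulo 2^32: stays correct across a wrap while the true gap is below 2^32. */
static uint32_t available_modular(const struct port_counters *c) {
    return (uint32_t)(c->high - c->low);
}

/* Run `cycles` allocate/release pairs from a chosen starting state and count
 * how many allocations each check would refuse. */
static void simulate(struct port_counters c, uint32_t cycles,
                     uint32_t *refused_ordered, uint32_t *refused_modular) {
    *refused_ordered = *refused_modular = 0;
    for (uint32_t i = 0; i < cycles; i++) {
        if (exhausted_ordered(&c)) (*refused_ordered)++;
        if (available_modular(&c) == 0) (*refused_modular)++;
        c.low++;   /* allocation consumes one slot */
        c.high++;  /* matching release returns one slot */
    }
}

int main(void) {
    /* Constructed state: 1000 free ports, `low` is 500 steps from wrapping,
     * so `high` (low + 1000 mod 2^32) has already wrapped to 500. */
    struct port_counters c = { UINT32_MAX - 499u, 500u };
    uint32_t ro, rm;
    simulate(c, 2000, &ro, &rm);
    printf("ordered check refused %u of 2000, modular check refused %u\n",
           (unsigned)ro, (unsigned)rm);
    return 0;
}
```

The ordered check refuses every allocation until `low` also wraps, while the modular distance reports 1000 free ports throughout.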