)]}'
{
  "commit": "ddc432876c33e076d5945f56d31ff8a4c250b6f3",
  "tree": "974f35d057947cd6fcfdab035c10fcb607e0f6d2",
  "parents": [
    "bf1fe798d0e3d933aed07efa98796c2702ccf450"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Tue Oct 22 16:12:52 2024 -0400"
  },
  "committer": {
    "name": "Boringssl LUCI CQ",
    "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Fri Oct 25 19:11:05 2024 +0000"
  },
  "message": "Amortize invariant maintenance in DTLSMessageBitmap\n\nAfter we receive a handshake fragment, we check if the fragment is now\ncomplete. This requires scanning over the entire message bitmap. This is\nthe one step in MarkRange that does not scale with the number of bytes\nthe peer sent us.\n\nThis is not really a DoS vector due to message size limits but, in\nprinciple, the peer could send us all but the last byte of a message and\nthen repeatedly send us the first byte, causing us to scan over\nmsg_len / 8 bytes each time. We can easily amortize this by saving how\nfar we scanned last time, because bits will never be unmarked. This\nmeans we only advance over each byte in the bitmap once.\n\nChange-Id: I802003d587de4c0a45650b891c76cea8b10acd17\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/72287\nReviewed-by: Nick Harper \u003cnharper@chromium.org\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "e0faa6ded5a364d5b57f55f4f8c4d9b5996efd72",
      "old_mode": 33188,
      "old_path": "ssl/d1_both.cc",
      "new_id": "f26209405fb416ebb91a651c81901531d7ebfbf6",
      "new_mode": 33188,
      "new_path": "ssl/d1_both.cc"
    },
    {
      "type": "modify",
      "old_id": "af988dea00327be81f916d015b1ebcc14b359cd6",
      "old_mode": 33188,
      "old_path": "ssl/internal.h",
      "new_id": "0ea226a4b6d43319a9893ec008200f121c08ed53",
      "new_mode": 33188,
      "new_path": "ssl/internal.h"
    }
  ]
}
