From be1a5191f8e0ca14b6db0880660d5897964fef40 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Tue, 6 Nov 2007 19:42:37 +0000
Subject:  r16462@catbus:  nickm | 2007-11-06 14:40:58 -0500  Fix bug 544: do
 not allow buckets to overflow.  Backportable.

svn:r12400
---
 src/or/connection.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'src/or')

diff --git a/src/or/connection.c b/src/or/connection.c
index daf1e5a7f..40aa72d56 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1638,14 +1638,20 @@ connection_bucket_init(void)
   }
 }
 
+/** DOCDOC */
 static void
 connection_bucket_refill_helper(int *bucket, int rate, int burst,
                                 int seconds_elapsed, const char *name)
 {
-  if (*bucket < burst) {
-    *bucket += rate*seconds_elapsed;
-    if (*bucket > burst)
+  int starting_bucket = *bucket;
+  if (starting_bucket < burst) {
+    int incr = rate*seconds_elapsed;
+    *bucket += incr;
+    if (*bucket > burst || *bucket < starting_bucket) {
+      /* If we overflow the burst, or underflow our starting bucket,
+       * cap the bucket value to burst. */
       *bucket = burst;
+    }
     log(LOG_DEBUG, LD_NET,"%s now %d.", name, *bucket);
   }
 }
-- 
cgit v1.2.3