mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 15:43:32 +01:00
dos: We can put less token than the current amount
Becasue the circuit creation burst and rate can change at runtime it is possible that between two refill of a bucket, we end up setting the bucket value to less than there currently is. Fixes #25128 Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit is contained in:
parent
3bed8fdb91
commit
78d6cb5870
@ -308,8 +308,6 @@ cc_stats_refill_bucket(cc_client_stats_t *stats, const tor_addr_t *addr)
|
|||||||
new_circuit_bucket_count = MIN(stats->circuit_bucket + (uint32_t)num_token,
|
new_circuit_bucket_count = MIN(stats->circuit_bucket + (uint32_t)num_token,
|
||||||
dos_cc_circuit_burst);
|
dos_cc_circuit_burst);
|
||||||
}
|
}
|
||||||
/* This function is not allowed to make the bucket count smaller */
|
|
||||||
tor_assert_nonfatal(new_circuit_bucket_count >= stats->circuit_bucket);
|
|
||||||
log_debug(LD_DOS, "DoS address %s has its circuit bucket value: %" PRIu32
|
log_debug(LD_DOS, "DoS address %s has its circuit bucket value: %" PRIu32
|
||||||
". Filling it to %" PRIu32 ". Circuit rate is %" PRIu64
|
". Filling it to %" PRIu32 ". Circuit rate is %" PRIu64
|
||||||
". Elapsed time is %" PRIi64,
|
". Elapsed time is %" PRIi64,
|
||||||
|
Loading…
Reference in New Issue
Block a user