[tor-commits] [tor/release-0.2.9] dos: We can put less token than the current amount

nickm at torproject.org nickm at torproject.org
Fri Feb 16 14:56:20 UTC 2018

commit 78d6cb58707ff46464c591e45d81e83388427e2c
Author: David Goulet <dgoulet at torproject.org>
Date:   Fri Feb 2 17:04:12 2018 -0500

    dos: We can put less token than the current amount
    Becasue the circuit creation burst and rate can change at runtime it is
    possible that between two refill of a bucket, we end up setting the bucket
    value to less than there currently is.
    Fixes #25128
    Signed-off-by: David Goulet <dgoulet at torproject.org>
 src/or/dos.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/or/dos.c b/src/or/dos.c
index c221e5ecd..88f1351a3 100644
--- a/src/or/dos.c
+++ b/src/or/dos.c
@@ -308,8 +308,6 @@ cc_stats_refill_bucket(cc_client_stats_t *stats, const tor_addr_t *addr)
     new_circuit_bucket_count = MIN(stats->circuit_bucket + (uint32_t)num_token,
-  /* This function is not allowed to make the bucket count smaller */
-  tor_assert_nonfatal(new_circuit_bucket_count >= stats->circuit_bucket);
   log_debug(LD_DOS, "DoS address %s has its circuit bucket value: %" PRIu32
                     ". Filling it to %" PRIu32 ". Circuit rate is %" PRIu64
                     ". Elapsed time is %" PRIi64,

More information about the tor-commits mailing list