From: Razvan Crainea <razvan@opensips.org>
Date: Thu, 31 Aug 2017 15:40:02 +0300
Subject: [PATCH] ratelimit: fix buffer overflow when using SBT algorithm
Make sure the window doesn't overflow
Fixes #1176
(cherry picked from commit d8854637e9329e7d6a52b87aa5cc4601450011c3)
diff --git a/modules/ratelimit/ratelimit.c b/modules/ratelimit/ratelimit.c
index cb77a5438..2cfb9c686 100644
--- a/modules/ratelimit/ratelimit.c
+++ b/modules/ratelimit/ratelimit.c
@@ -555,8 +555,8 @@ static inline int hist_check(rl_pipe_t *pipe)
pipe->rwin.start_index = first_good_index;
/* count current call; it will be the last element in the window */
- pipe->rwin.window[(pipe->rwin.start_index)
- + (pipe->rwin.window_size-1) % pipe->rwin.window_size]++;
+ pipe->rwin.window[((pipe->rwin.start_index)
+ + (pipe->rwin.window_size-1)) % pipe->rwin.window_size]++;
} else { /* now_total - start_total < rl_win_ms */
/* no need to modify the window, the value is inside it;