From c4411841d23106a59480e2644cb66bf05644273e Mon Sep 17 00:00:00 2001
From: Roger Dingledine <arma@torproject.org>
Date: Fri, 14 Jul 2006 03:14:02 +0000
Subject: Avoid an integer underflow when the dir authority decides whether a
 router is stable: we might wrongly label it stable, and compute a slightly
 wrong median stability, when a descriptor is published later than now.

Inspired by Matt's Vidalia checkin:
http://trac.vidalia-project.net/changeset/1074


svn:r6758
---
 src/or/dirserv.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'src/or')

diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 679c169ea5..e57ec3ae56 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -1227,7 +1227,10 @@ static uint32_t guard_bandwidth = 0;
 static INLINE int
 real_uptime(routerinfo_t *router, time_t now)
 {
-  return router->uptime + (now - router->cache_info.published_on);
+  if (now < router->cache_info.published_on)
+    return router->uptime;
+  else
+    return router->uptime + (now - router->cache_info.published_on);
 }
 
 /** Return 1 if <b>router</b> is not suitable for these parameters, else 0.
-- 
cgit v1.2.3-54-g00ecf