From f22a5efde5d9f1b27214c4199c6c9ca3ddf7bd73 Mon Sep 17 00:00:00 2001 From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com> Date: Tue, 6 Oct 2020 20:02:14 +0000 Subject: [PATCH] Faucet request limiter can overflow (bp #12691) (#12694) * faucet: Add failing test case (cherry picked from commit 5ae704d560dddb7efc35d28b46d0f75a29e12652) * faucet: Use checked math in request limiter (cherry picked from commit 87de82ac944eea7561195e936d1029e93b845d85) Co-authored-by: Trent Nelson --- faucet/src/faucet.rs | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/faucet/src/faucet.rs b/faucet/src/faucet.rs index 45e09a04c9..28e19398c9 100644 --- a/faucet/src/faucet.rs +++ b/faucet/src/faucet.rs @@ -87,7 +87,10 @@ impl Faucet { } pub fn check_time_request_limit(&mut self, request_amount: u64) -> bool { - (self.request_current + request_amount) <= self.per_time_cap + self.request_current + .checked_add(request_amount) + .map(|s| s <= self.per_time_cap) + .unwrap_or(false) } pub fn clear_request_count(&mut self) { @@ -122,7 +125,7 @@ impl Faucet { } } if self.check_time_request_limit(lamports) { - self.request_current += lamports; + self.request_current = self.request_current.saturating_add(lamports); datapoint_info!( "faucet-airdrop", ("request_amount", lamports, i64), @@ -324,6 +327,8 @@ mod tests { assert!(faucet.check_time_request_limit(1)); faucet.request_current = 3; assert!(!faucet.check_time_request_limit(1)); + faucet.request_current = 1; + assert!(!faucet.check_time_request_limit(u64::MAX)); } #[test]
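Review bot: `check_time_request_limit` has no comment recording that an overflowing sum is deliberately treated as over the cap, which is the property that makes this limiter fail closed. A doc comment on the method would keep a later refactor from reverting to plain `+`, for example `/// Returns true only if request_current + request_amount fits in u64 and does not exceed per_time_cap; overflow is rejected.` The `.map(..).unwrap_or(false)` chain can be written more compactly as `.map_or(false, |s| s <= self.per_time_cap)`. The method only reads state in the visible lines, so the `&mut self` receiver on the unchanged signature looks unnecessary, though changing it is outside this patch.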
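Review bot: The `saturating_add` on the accumulation line cannot saturate, because the `check_time_request_limit(lamports)` guard directly above it has already established that the sum fits in u64 and is at most `per_time_cap`. Without a comment a reader may take clamping to be an expected path, so I would add `// cannot saturate: the limit check above proved the sum fits within per_time_cap`. The sum is also computed twice, once in the check and once here, and a helper returning the checked total would keep the two from drifting apart. Separately, the unchanged `("request_amount", lamports, i64)` field reports a u64 as i64, which presumably misrecords amounts above i64::MAX in metrics; worth confirming. The enclosing function starts and ends outside the hunk.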
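Review bot: The two added assertions exercise only the predicate, so the accumulation changed in the second hunk (`saturating_add`) is not driven with a large amount by anything visible here. The existing lines show a request of 1 being rejected at `request_current = 3`, so the cap is below 4 and a non-overflowing case can be pinned as well: `faucet.request_current = 0; assert!(!faucet.check_time_request_limit(u64::MAX));`. That separates rejection by the cap comparison from rejection by the overflow path. The test function starts outside the hunk, so how the faucet and its cap are constructed is not visible.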