From 12e30ce560c2b79f2de9ab7f44626063c0e7e2ff Mon Sep 17 00:00:00 2001
From: Oswald Buddenhagen <ossi@users.sf.net>
Date: Mon, 29 Jul 2024 12:05:43 +0200
Subject: [PATCH] cap readsz at buffer size

otherwise we may get negative comparison sizes, which the unsigned
arithmetic we use cannot represent. this would prevent buffer content
downshifting, resulting in prepare_read() erroring out.

amends 859b7dd.

REFMAIL: 87h740x2xe.fsf@wavexx.thregr.org
REFMAIL: ec0f6f2a-0151-46ad-865a-a6f77ad8e204@app.fastmail.com
REFMAIL: 87edk45p9o.fsf@b3l.xyz
REFMAIL: CYAWIDDGRHT7.2CH3R3D6Z3F97@ferdinandy.com
---
 src/socket.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/socket.c b/src/socket.c
index 52cd7c2..afd3f18 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -908,8 +908,11 @@ socket_fill( conn_t *sock )
 		// IIR filter for tracking average size of bulk reads.
 		// We use this to optimize the free space at the end of the
 		// buffer, hence the factor of 1.5.
-		if (n >= MIN_BULK_READ)
+		if (n >= MIN_BULK_READ) {
 			sock->readsz = (sock->readsz * 3 + n * 3 / 2) / 4;
+			if (sock->readsz > sizeof(sock->buf))
+				sock->readsz = sizeof(sock->buf);
+		}
 
 		socket_filled( sock, (uint)n );
 	}