From 2763a427dedab98463deaa151c56291aeea1c883 Mon Sep 17 00:00:00 2001
From: rubidium <rubidium@openttd.org>
Date: Fri, 13 Jul 2007 20:46:53 +0000
Subject: [PATCH] (svn r10555) -Codechange/Fix: add a soft limit of 4096
 "entities" in a station's waiting queue and a hard limit of 32768 so
 (malicious) people cannot cause a "denial of service" attack by filling cargo
 lists.

---
 src/station_cmd.cpp | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/src/station_cmd.cpp b/src/station_cmd.cpp
index c870d63096..2f0602e8f1 100644
--- a/src/station_cmd.cpp
+++ b/src/station_cmd.cpp
@@ -2411,6 +2411,21 @@ static void UpdateStationRating(Station *st)
 					}
 				}
 
+				/* At some point we really must cap the cargo. Previously this
+				 * was a strict 4095, but now we'll have a less strict, but
+				 * increasingly agressive truncation of the amount of cargo. */
+				static const uint WAITING_CARGO_THRESHOLD  = 1 << 12;
+				static const uint WAITING_CARGO_CUT_FACTOR = 1 <<  6;
+				static const uint MAX_WAITING_CARGO        = 1 << 15;
+
+				if (waiting > WAITING_CARGO_THRESHOLD) {
+					uint difference = waiting - WAITING_CARGO_THRESHOLD;
+					waiting -= (difference / WAITING_CARGO_CUT_FACTOR);
+
+					waiting = min(waiting, MAX_WAITING_CARGO);
+					waiting_changed = true;
+				}
+
 				if (waiting_changed) ge->cargo.Truncate(waiting);
 			}
 		}