From 26cbbc3c0c4c5526d90d72ecb15b3d373bbdf74c Mon Sep 17 00:00:00 2001
From: Stephan Bosch <stephan.bosch@open-xchange.com>
Date: Tue, 9 Nov 2021 23:33:42 +0100
Subject: [PATCH] quota: quota-util - Assert that either ceil or over parameter
 equals 0 in quota_is_over()

---
 src/plugins/quota/quota-util.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/src/plugins/quota/quota-util.c b/src/plugins/quota/quota-util.c
index 3e83b66504..3ea95d7b49 100644
--- a/src/plugins/quota/quota-util.c
+++ b/src/plugins/quota/quota-util.c
@@ -57,6 +57,13 @@ int quota_get_mail_size(struct quota_transaction_context *ctx,
 static inline bool
 quota_is_over(uoff_t alloc, int64_t used, uint64_t ceil, uint64_t over)
 {
+	/* The over parameter is the amount by which the resource usage exceeds
+	   the limit already. The ceil parameter is the amount by which the
+	   resource usage is allowed to increase before crossing the limit.
+	   Therefore, the over and ceil values are mutually exclusive; these
+	   cannot both be nonzero. */
+	i_assert(over == 0 || ceil == 0);
+
 	if (used < 0) {
 		/* Resource usage decreased in this transaction. */
 		const uint64_t deleted = (uint64_t)-used;
-- 
2.47.3