We obey sendme cells even when we shouldn't get them
A client can send sendme cells preemptively to the exit relay, allowing:
cheating on her flow/congestion control, to get her bytes faster
DoS on the network, by adding way more cells into the network than she was supposed to.
perhaps a memory DoS on the entry relay, if she stops reading from the TLS connection but keeps up the blitz of sendme cells.
I believe the fix is to tear down the circuit when we get a sendme we should not have gotten.