From eec42f59364590f2210849a3a48ceb3ee8cbbb1c Mon Sep 17 00:00:00 2001 From: Steven Barth Date: Tue, 28 May 2013 19:59:19 +0200 Subject: [PATCH] IPv6: fix wrap-arounds in address lifetimes --- interface-ip.c | 9 +++++++-- interface.c | 1 + proto.c | 25 ++++++++++++++----------- 3 files changed, 22 insertions(+), 13 deletions(-) diff --git a/interface-ip.c b/interface-ip.c index 2444cda..47747cb 100644 --- a/interface-ip.c +++ b/interface-ip.c @@ -17,6 +17,7 @@ #include #include +#include #include #include "netifd.h" @@ -328,8 +329,12 @@ interface_ip_add_route(struct interface *iface, struct blob_attr *attr, bool v6) route->flags |= DEVROUTE_TABLE; } - if ((cur = tb[ROUTE_VALID]) != NULL) - route->valid_until = system_get_rtime() + blobmsg_get_u32(cur); + if ((cur = tb[ROUTE_VALID]) != NULL) { + int64_t valid = blobmsg_get_u32(cur); + int64_t valid_until = valid + (int64_t)system_get_rtime(); + if (valid_until <= LONG_MAX && valid != 0xffffffffLL) // Catch overflow + route->valid_until = valid_until; + } vlist_add(&ip->route, &route->node, route); return; diff --git a/interface.c b/interface.c index 42e5a82..2e7a96f 100644 --- a/interface.c +++ b/interface.c @@ -508,6 +508,7 @@ interface_init(struct interface *iface, const char *name, } // Set a default exteranl routing table for IPv6 to do source-based-filtering + iface->ip6table = 1000 + ++interface_serial; if ((cur = tb[IFACE_ATTR_IP6TABLE])) { if (!system_resolve_rt_table(blobmsg_data(cur), &iface->ip6table)) diff --git a/proto.c b/proto.c index dff5bbb..d060d2e 100644 --- a/proto.c +++ b/proto.c @@ -15,6 +15,7 @@ #include #include #include +#include #include #include @@ -187,15 +188,17 @@ parse_address_item(struct blob_attr *attr, bool v6, bool ext) } else { time_t now = system_get_rtime(); if ((cur = tb[ADDR_PREFERRED])) { - uint32_t preferred = blobmsg_get_u32(cur); - if (preferred < UINT32_MAX) - addr->preferred_until = now + preferred; + int64_t preferred = blobmsg_get_u32(cur); + int64_t preferred_until = preferred + (int64_t)now; + if (preferred_until <= LONG_MAX && preferred != 0xffffffffLL) + addr->preferred_until = preferred_until; } if ((cur = tb[ADDR_VALID])) { - uint32_t valid = blobmsg_get_u32(cur); - if (valid < UINT32_MAX) - addr->valid_until = now + valid; + int64_t valid = blobmsg_get_u32(cur); + int64_t valid_until = valid + (int64_t)now; + if (valid_until <= LONG_MAX && valid != 0xffffffffLL) + addr->valid_until = valid_until; } @@ -283,8 +286,8 @@ parse_prefix_option(struct interface *iface, const char *str, size_t len) char *validstr = (!prefstr) ? NULL : strtok_r(NULL, ",", &saveptr); char *addstr = (!validstr) ? NULL : strtok_r(NULL, ",", &saveptr); - uint32_t pref = (!prefstr) ? 0 : strtoul(prefstr, NULL, 10); - uint32_t valid = (!validstr) ? 0 : strtoul(validstr, NULL, 10); + int64_t pref = (!prefstr) ? 0 : strtoul(prefstr, NULL, 10); + int64_t valid = (!validstr) ? 0 : strtoul(validstr, NULL, 10); uint8_t length = strtoul(lengthstr, NULL, 10), excl_length = 0; if (length < 1 || length > 64) @@ -319,13 +322,13 @@ parse_prefix_option(struct interface *iface, const char *str, size_t len) - time_t now = system_get_rtime(); + int64_t now = system_get_rtime(); time_t preferred_until = 0; - if (prefstr && pref != 0xffffffffU) + if (prefstr && pref != 0xffffffffLL && pref + now <= LONG_MAX) preferred_until = pref + now; time_t valid_until = 0; - if (validstr && valid != 0xffffffffU) + if (validstr && valid != 0xffffffffLL && valid + now <= LONG_MAX) valid_until = valid + now; interface_ip_add_device_prefix(iface, &addr, length, -- 2.25.1