shithub: riscv

Download patch

ref: 94333ce6a694c4c9b282c1db4e0360ab6ef047b9
parent: 70c6bd03970c52d27a95c459b57943397caa3f6c
author: cinap_lenrek <[email protected]>
date: Sun Sep 23 18:07:56 EDT 2018 

devip, ipconfig: avoid overflow on lifetime checks


--- a/sys/src/9/ip/ipifc.c
+++ b/sys/src/9/ip/ipifc.c
@@ -84,9 +84,6 @@
 		return globalv6;
 }
 
-#define v6addrcurr(lifc) ((lifc)->preflt == ~0UL || \
-			(lifc)->origint + (lifc)->preflt >= NOW/1000)
-
 static int
 comprefixlen(uchar *a, uchar *b, int n)
 {
@@ -1214,6 +1211,7 @@
 static void
 findprimaryipv6(Fs *f, uchar *local)
 {
+	ulong now = NOW/1000;
 	int atype, atypel;
 	Iplifc *lifc;
 	Ipifc *ifc;
@@ -1227,7 +1225,8 @@
 		rlock(ifc);
 		for(lifc = ifc->lifc; lifc != nil; lifc = lifc->next){
 			atypel = v6addrtype(lifc->local);
-			if(atypel > atype && v6addrcurr(lifc)) {
+			if(atypel > atype)
+			if(lifc->preflt == ~0UL || lifc->preflt >= now-lifc->origint) {
 				ipmove(local, lifc->local);
 				atype = atypel;
 				if(atype == globalv6){
@@ -1300,6 +1299,7 @@
 		int	comprefixlen;
 	} a, b;
 	int atype;
+	ulong now;
 	Iplifc *lifc;
 
 	if(isv4(remote)){
@@ -1313,12 +1313,13 @@
 	b.deprecated = 1;
 	b.comprefixlen = 0;
 
+	now = NOW/1000;
 	for(lifc = ifc->lifc; lifc != nil; lifc = lifc->next){
 		if(lifc->tentative)
 			continue;
 
 		a.atype = v6addrtype(lifc->local);
-		a.deprecated = !v6addrcurr(lifc);
+		a.deprecated = lifc->preflt != ~0UL && lifc->preflt < now-lifc->origint;
 		a.comprefixlen = comprefixlen(lifc->local, remote, IPaddrlen);
 
 		/* prefer appropriate scope */
@@ -1648,17 +1649,18 @@
 ipifcremove6(Ipifc *ifc, char**, int argc)
 {
 	Iplifc *lifc, **l;
+	ulong now;
 
 	if(argc != 1)
 		return Ebadarg;
 
 	wlock(ifc);
+	now = NOW/1000;
 	for(l = &ifc->lifc; (lifc = *l) != nil;) {
 		if((lifc->type & Rv4) == 0)
-		if(lifc->validlt != ~0UL && lifc->origint + lifc->validlt < NOW/1000){
+		if(lifc->validlt != ~0UL && lifc->validlt < now-lifc->origint)
 			if(ipifcremlifc(ifc, l) == nil)
 				continue;
-		}
 		l = &lifc->next;
 	}
 	wunlock(ifc);
--- a/sys/src/cmd/ip/ipconfig/ipv6.c
+++ b/sys/src/cmd/ip/ipconfig/ipv6.c
@@ -719,8 +719,8 @@
 	now = time(nil);
 	for(rr = &routelist; (r = *rr) != nil;){
 		if(m > 100
-		|| r->prefixlt != ~0UL && now > r->time+r->prefixlt
-		|| r->routerlt != ~0UL && now > r->time+r->routerlt
+		|| r->prefixlt != ~0UL && r->prefixlt < now-r->time
+		|| r->routerlt != ~0UL && r->routerlt < now-r->time
 		|| ipcmp(r->src, ra->src) == 0 && r->routerlt != 0 && conf.routerlt == 0){
 			if(validip(r->gaddr))
 				removedefroute(r->gaddr, conf.lladdr, r->laddr, r->mask);