diff options
| author | cinap_lenrek <cinap_lenrek@felloff.net> | 2018-09-23 22:07:56 +0200 |
|---|---|---|
| committer | cinap_lenrek <cinap_lenrek@felloff.net> | 2018-09-23 22:07:56 +0200 |
| commit | 94333ce6a694c4c9b282c1db4e0360ab6ef047b9 (patch) | |
| tree | 3b5485501b85ea6e1098b8b1fe83d9c1dd2be2a5 | |
| parent | 70c6bd03970c52d27a95c459b57943397caa3f6c (diff) | |
devip, ipconfig: avoid overflow on lifetime checks
| -rw-r--r-- | sys/src/9/ip/ipifc.c | 16 | ||||
| -rw-r--r-- | sys/src/cmd/ip/ipconfig/ipv6.c | 4 |
2 files changed, 11 insertions, 9 deletions
diff --git a/sys/src/9/ip/ipifc.c b/sys/src/9/ip/ipifc.c index bceda8347..0a078077f 100644 --- a/sys/src/9/ip/ipifc.c +++ b/sys/src/9/ip/ipifc.c @@ -84,9 +84,6 @@ v6addrtype(uchar *addr) return globalv6; } -#define v6addrcurr(lifc) ((lifc)->preflt == ~0UL || \ - (lifc)->origint + (lifc)->preflt >= NOW/1000) - static int comprefixlen(uchar *a, uchar *b, int n) { @@ -1214,6 +1211,7 @@ findipifcstr(Fs *f, char *s) static void findprimaryipv6(Fs *f, uchar *local) { + ulong now = NOW/1000; int atype, atypel; Iplifc *lifc; Ipifc *ifc; @@ -1227,7 +1225,8 @@ findprimaryipv6(Fs *f, uchar *local) rlock(ifc); for(lifc = ifc->lifc; lifc != nil; lifc = lifc->next){ atypel = v6addrtype(lifc->local); - if(atypel > atype && v6addrcurr(lifc)) { + if(atypel > atype) + if(lifc->preflt == ~0UL || lifc->preflt >= now-lifc->origint) { ipmove(local, lifc->local); atype = atypel; if(atype == globalv6){ @@ -1300,6 +1299,7 @@ ipv6local(Ipifc *ifc, uchar *local, uchar *remote) int comprefixlen; } a, b; int atype; + ulong now; Iplifc *lifc; if(isv4(remote)){ @@ -1313,12 +1313,13 @@ ipv6local(Ipifc *ifc, uchar *local, uchar *remote) b.deprecated = 1; b.comprefixlen = 0; + now = NOW/1000; for(lifc = ifc->lifc; lifc != nil; lifc = lifc->next){ if(lifc->tentative) continue; a.atype = v6addrtype(lifc->local); - a.deprecated = !v6addrcurr(lifc); + a.deprecated = lifc->preflt != ~0UL && lifc->preflt < now-lifc->origint; a.comprefixlen = comprefixlen(lifc->local, remote, IPaddrlen); /* prefer appropriate scope */ @@ -1648,17 +1649,18 @@ char* ipifcremove6(Ipifc *ifc, char**, int argc) { Iplifc *lifc, **l; + ulong now; if(argc != 1) return Ebadarg; wlock(ifc); + now = NOW/1000; for(l = &ifc->lifc; (lifc = *l) != nil;) { if((lifc->type & Rv4) == 0) - if(lifc->validlt != ~0UL && lifc->origint + lifc->validlt < NOW/1000){ + if(lifc->validlt != ~0UL && lifc->validlt < now-lifc->origint) if(ipifcremlifc(ifc, l) == nil) continue; - } l = &lifc->next; } wunlock(ifc); diff --git a/sys/src/cmd/ip/ipconfig/ipv6.c b/sys/src/cmd/ip/ipconfig/ipv6.c index ff3b7a963..09a0133fc 100644 --- a/sys/src/cmd/ip/ipconfig/ipv6.c +++ b/sys/src/cmd/ip/ipconfig/ipv6.c @@ -719,8 +719,8 @@ recvrahost(uchar buf[], int pktlen) now = time(nil); for(rr = &routelist; (r = *rr) != nil;){ if(m > 100 - || r->prefixlt != ~0UL && now > r->time+r->prefixlt - || r->routerlt != ~0UL && now > r->time+r->routerlt + || r->prefixlt != ~0UL && r->prefixlt < now-r->time + || r->routerlt != ~0UL && r->routerlt < now-r->time || ipcmp(r->src, ra->src) == 0 && r->routerlt != 0 && conf.routerlt == 0){ if(validip(r->gaddr)) removedefroute(r->gaddr, conf.lladdr, r->laddr, r->mask); |