From a8a3ddec6ab31c8111bc3374fb7cbfe9957fcda5 Mon Sep 17 00:00:00 2001
From: Richard Cochran
Date: Fri, 28 Aug 2015 17:02:01 +0200
Subject: [PATCH] Fix integer overflow in the foreign master bookkeeping code.
The logMessageInterval field has an improbable range from 2^-128 to 2^127 seconds. The extreme ends cause an integer overflow in the calculation of the "foreign master time window". Buggy or mis-configured foreign masters advertising extreme values will cause incorrect announce message aging. This patch fixes the issue by adding thresholds for the bogus extremes.
Signed-off-by: Richard Cochran
---
 port.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/port.c b/port.c
index 3984b78..ef2686d 100644
--- a/port.c
+++ b/port.c
@@ -163,10 +163,15 @@ static int msg_current(struct ptp_message *m, struct timespec now)
 t1 = m->ts.host.tv_sec * NSEC2SEC + m->ts.host.tv_nsec;
 t2 = now.tv_sec * NSEC2SEC + now.tv_nsec;
- if (m->header.logMessageInterval < 0)
+ if (m->header.logMessageInterval < -63) {
+ tmo = 0;
+ } else if (m->header.logMessageInterval > 31) {
+ tmo = INT64_MAX;
+ } else if (m->header.logMessageInterval < 0) {
 tmo = 4LL * NSEC2SEC / (1 << -m->header.logMessageInterval);
- else
+ } else {
 tmo = 4LL * (1 << m->header.logMessageInterval) * NSEC2SEC;
+ }
 return t2 - t1 < tmo;
 }
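Review bot: The new thresholds of -63 and 31 still admit undefined shifts, because both `1 << -m->header.logMessageInterval` and `1 << m->header.logMessageInterval` shift a plain `int` constant, and a count of 31 or more (values -63..-31, and exactly 31) is undefined where `int` is 32 bits wide. logMessageInterval is read from a received message header, so a peer advertising a value in that range can still produce an arbitrary `tmo` and with it the incorrect announce aging the commit sets out to prevent. Tightening the guards to `if (m->header.logMessageInterval <= -31) {` and `} else if (m->header.logMessageInterval >= 31) {` keeps every shift count within 0..30; at -31 the real window is already under 2 ns, so 0 is a reasonable stand-in, and at 30 the product still fits in a signed 64-bit value. Widening the operand to `1LL` alone would not be enough, since a count of 63 is still undefined for a signed 64-bit type. The start of msg_current() and the declarations of `t1`, `t2` and `tmo` lie above the hunk, so their 64-bit width is assumed here rather than seen.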