Fix integer overflow in the foreign master bookkeeping code.

The logMessageInterval field has an improbable range from 2^-128 to 2^127
seconds.  The extreme ends cause an integer overflow in the calculation
of the "foreign master time window".  Buggy or mis-configured foreign
masters advertising extreme values will cause incorrect announce message
aging.

This patch fixes the issue by adding thresholds for the bogus extremes.

Signed-off-by: Richard Cochran <richardcochran@gmail.com>
master
Richard Cochran 2015-08-28 17:02:01 +02:00
parent 7b438defe5
commit a8a3ddec6a
1 changed files with 7 additions and 2 deletions

9
port.c
View File

@ -163,10 +163,15 @@ static int msg_current(struct ptp_message *m, struct timespec now)
t1 = m->ts.host.tv_sec * NSEC2SEC + m->ts.host.tv_nsec; t1 = m->ts.host.tv_sec * NSEC2SEC + m->ts.host.tv_nsec;
t2 = now.tv_sec * NSEC2SEC + now.tv_nsec; t2 = now.tv_sec * NSEC2SEC + now.tv_nsec;
if (m->header.logMessageInterval < 0) if (m->header.logMessageInterval < -63) {
tmo = 0;
} else if (m->header.logMessageInterval > 31) {
tmo = INT64_MAX;
} else if (m->header.logMessageInterval < 0) {
tmo = 4LL * NSEC2SEC / (1 << -m->header.logMessageInterval); tmo = 4LL * NSEC2SEC / (1 << -m->header.logMessageInterval);
else } else {
tmo = 4LL * (1 << m->header.logMessageInterval) * NSEC2SEC; tmo = 4LL * (1 << m->header.logMessageInterval) * NSEC2SEC;
}
return t2 - t1 < tmo; return t2 - t1 < tmo;
} }