dhcp-client: Don't report long time to expiration after lease expires.
authorBen Pfaff <blp@nicira.com>
Fri, 9 Jan 2009 00:47:01 +0000 (16:47 -0800)
committerBen Pfaff <blp@nicira.com>
Tue, 13 Jan 2009 01:00:28 +0000 (17:00 -0800)
There is a race between time advancing past the lease expiration time
and actually transitioning to the expired state.  Fix this race.

Found by Chris Eagle via Fortify.

lib/dhcp-client.c

index 919bc31dbfe0237d2c6eb47bc927d6afd9d26d2b..4c12b4eb43e0b4917f5a2cf27196d36adabc2629 100644 (file)
@@ -356,7 +356,12 @@ dhclient_get_state_elapsed(const struct dhclient *cli)
 unsigned int
 dhclient_get_lease_remaining(const struct dhclient *cli)
 {
-    return dhclient_is_bound(cli) ? cli->lease_expiration - time_now() : 0;
+    if (dhclient_is_bound(cli)) {
+        time_t now = time_now();
+        return cli->lease_expiration > now ? cli->lease_expiration - now : 0;
+    } else {
+        return 0;
+    }
 }
 
 /* If 'cli' is bound to an IP address, returns that IP address; otherwise,