git: fb4be8661166 - stable/15 - IPv6: fix off-by-one in pltime and vltime expiration checks
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 23 Sep 2025 08:31:57 UTC
The branch stable/15 has been updated by ae:
URL: https://cgit.FreeBSD.org/src/commit/?id=fb4be8661166e18afa4b10921f7d5fbd22460390
commit fb4be8661166e18afa4b10921f7d5fbd22460390
Author: Andrey V. Elsukov <ae@FreeBSD.org>
AuthorDate: 2025-09-16 07:34:55 +0000
Commit: Andrey V. Elsukov <ae@FreeBSD.org>
CommitDate: 2025-09-23 08:31:12 +0000
IPv6: fix off-by-one in pltime and vltime expiration checks
Previously, the macros used '>' instead of '>=' when comparing elapsed
time against the preferred and valid lifetimes. This caused any deprecated
address to become usable again for one extra second after receiving each
Router Advertisement. In that short window, the address could be
selected as a source for outgoing connections.
Update the checks to use '>=' so that addresses are deprecated or
invalid when their lifetime expires.
PR: 289177
Reported by: Dmitry Nexus <fbsd.4f6a at nexus tel>
Reviewed by: zlei
Submitted by: Marek Zarychta
Differential Revision: https://reviews.freebsd.org/D52323
(cherry picked from commit 588a5fad3e8b98955b60707e3e92b8b43566e3f7)
---
sys/netinet6/in6.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/sys/netinet6/in6.h b/sys/netinet6/in6.h
index 1ca846ebf514..67c3ccbb1be8 100644
--- a/sys/netinet6/in6.h
+++ b/sys/netinet6/in6.h
@@ -358,11 +358,11 @@ extern const struct in6_addr in6addr_linklocal_allv2routers;
#define IFA6_IS_DEPRECATED(a) \
((a)->ia6_lifetime.ia6t_pltime != ND6_INFINITE_LIFETIME && \
- (u_int32_t)((time_uptime - (a)->ia6_updatetime)) > \
+ (u_int32_t)((time_uptime - (a)->ia6_updatetime)) >= \
(a)->ia6_lifetime.ia6t_pltime)
#define IFA6_IS_INVALID(a) \
((a)->ia6_lifetime.ia6t_vltime != ND6_INFINITE_LIFETIME && \
- (u_int32_t)((time_uptime - (a)->ia6_updatetime)) > \
+ (u_int32_t)((time_uptime - (a)->ia6_updatetime)) >= \
(a)->ia6_lifetime.ia6t_vltime)
#endif /* _KERNEL */