[#337,!167] Guard against expiration time lower than valid lifetime.

diff --git a/src/hooks/dhcp/lease_cmds/lease_parser.cc b/src/hooks/dhcp/lease_cmds/lease_parser.cc
index e7dd3cbdeec2de7ecdcf23b2981e846b7e89ab00..24b252ba2dddc9db3642fdd146956cc0a1b37700 100644 (file)
--- a/src/hooks/dhcp/lease_cmds/lease_parser.cc
+++ b/src/hooks/dhcp/lease_cmds/lease_parser.cc
@@ -99,6 +99,10 @@ Lease4Parser::parse(ConstSrvConfigPtr& cfg,
         if (expire_time <= 0) {
             isc_throw(BadValue , "expiration time must be positive for address "
                       << addr);
+
+        } else if (expire_time < valid_lft) {
+            isc_throw(BadValue, "expiration time must be greater than valid lifetime"
+                      " for address " << addr);
         }
         cltt = static_cast<time_t>(expire_time - valid_lft);
     } else {
@@ -290,7 +294,12 @@ Lease6Parser::parse(ConstSrvConfigPtr& cfg,
         if (expire_time <= 0) {
             isc_throw(BadValue , "expiration time must be positive for address "
                       << addr);
+
+        } else if (expire_time < valid_lft) {
+            isc_throw(BadValue, "expiration time must be greater than valid lifetime"
+                      " for address " << addr);
         }
+
         cltt = static_cast<time_t>(expire_time - valid_lft);
     } else {
         cltt = time(NULL);

diff --git a/src/hooks/dhcp/lease_cmds/tests/lease_cmds_unittest.cc b/src/hooks/dhcp/lease_cmds/tests/lease_cmds_unittest.cc
index 3fbb1e22e200081adc34662befa3501bc033c274..6c6cdd6e390f2cfe3b1772590c49f1d82c304d57 100644 (file)
--- a/src/hooks/dhcp/lease_cmds/tests/lease_cmds_unittest.cc
+++ b/src/hooks/dhcp/lease_cmds/tests/lease_cmds_unittest.cc
@@ -800,6 +800,35 @@ TEST_F(LeaseCmdsTest, Lease4AddNegativeExpireTime) {
     ASSERT_FALSE(l);
 }
 
+// Check that the lease with negative cltt is rejected.
+TEST_F(LeaseCmdsTest, Lease4AddNegativeCltt) {
+
+    // Initialize lease manager (false = v4, false = don't add leases)
+    initLeaseMgr(false, false);
+
+    // Check that the lease manager pointer is there.
+    ASSERT_TRUE(lmptr_);
+
+    // Add a lease with negative cltt (expiration time - valid lifetime)
+    string txt =
+        "{\n"
+        "    \"command\": \"lease4-add\",\n"
+        "    \"arguments\": {"
+        "        \"ip-address\": \"192.0.2.202\",\n"
+        "        \"hw-address\": \"1a:1b:1c:1d:1e:1f\",\n"
+        "        \"expire\": 123456,\n"
+        "        \"valid-lft\": 123457"
+        "    }\n"
+        "}";
+    string exp_rsp = "expiration time must be greater than valid lifetime for "
+        "address 192.0.2.202";
+    testCommand(txt, CONTROL_RESULT_ERROR, exp_rsp);
+
+    // Now check that the lease was not added.
+    Lease4Ptr l = lmptr_->getLease4(IOAddress("192.0.2.202"));
+    ASSERT_FALSE(l);
+}
+
 // Check that a well formed lease4 with tons of parameters can be added.
 TEST_F(LeaseCmdsTest, Lease4AddFull) {
 
@@ -1077,6 +1106,24 @@ TEST_F(LeaseCmdsTest, Lease6AddBadParams) {
     exp_rsp = "expiration time must be positive for address 2001:db8:1::1";
     testCommand(txt, CONTROL_RESULT_ERROR, exp_rsp);
 
+    // Negative cltt
+    txt =
+        "{\n"
+        "    \"command\": \"lease6-add\",\n"
+        "    \"arguments\": {"
+        "        \"subnet-id\": 66,\n"
+        "        \"ip-address\": \"2001:db8:1::1\",\n"
+        "        \"duid\": \"1a:1b:1c:1d:1e:1f\",\n"
+        "        \"iaid\": 1234\n,"
+        "        \"user-context\": { \"comment\": \"in user context\" },\n"
+        "        \"expire\": 123456,\n"
+        "        \"valid-lft\": 123457"
+        "    }\n"
+        "}";
+    exp_rsp = "expiration time must be greater than valid lifetime for address "
+        "2001:db8:1::1";
+    testCommand(txt, CONTROL_RESULT_ERROR, exp_rsp);
+
 }
 
 // Check that a simple, well formed lease6 can be added.