From: Tobias Brunner
Date: Fri, 15 Jan 2021 15:19:49 +0000 (+0100)
Subject: ike-sa: Avoid possible integer underflow when scheduling reauth after rekeying
X-Git-Tag: 5.9.2rc1~16
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=97857eaa120d5b5ae666370d0f2b924b47c13a8d;p=thirdparty%2Fstrongswan.git

ike-sa: Avoid possible integer underflow when scheduling reauth after rekeying

If the reauthentication is scheduled while rekeying, the difference might be negative, however, schedule_job() takes an unsigned int, so the reauth would get scheduled very far in the future.
---
diff --git a/src/libcharon/sa/ike_sa.c b/src/libcharon/sa/ike_sa.c
index 99c1116ca4..0f6f433cf1 100644
--- a/src/libcharon/sa/ike_sa.c
+++ b/src/libcharon/sa/ike_sa.c
@@ -2982,7 +2982,7 @@ METHOD(ike_sa_t, inherit_post, void,
 time_t reauth, delete, now = time_monotonic(NULL);
 this->stats[STAT_REAUTH] = other->stats[STAT_REAUTH];
- reauth = this->stats[STAT_REAUTH] - now;
+ reauth = max(0, this->stats[STAT_REAUTH] - now);
 delete = reauth + this->peer_cfg->get_over_time(this->peer_cfg);
 this->stats[STAT_DELETE] = this->stats[STAT_REAUTH] + delete;
 DBG1(DBG_IKE, "rescheduling reauthentication in %ds after rekeying, "
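Review bot: The clamp in `reauth = max(0, this->stats[STAT_REAUTH] - now);` only takes effect if the subtraction is evaluated in a signed type, and the element type of `stats[]` is not visible in this hunk. If it is an unsigned 32-bit value and `time_t` is also 32 bits wide on some target, the difference would wrap before `max()` sees it and the reauthentication would still be scheduled far in the future, leaving the IKE_SA without re-verification of the peer's credentials for that time. Comparing before subtracting avoids depending on the integer conversion rules: `reauth = this->stats[STAT_REAUTH] > now ? this->stats[STAT_REAUTH] - now : 0;`. A short comment on that line saying why the value is clamped (`schedule_job()` takes an unsigned delay, per the commit message) would also help the next reader; the enclosing `inherit_post` body starts and ends outside the hunk.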