Don't overflow router lifetime

When a prefix lifetime was greater than UINT16_MAX, we would advertise a
shorter router lifetime (even potentially 0). Saturate instead.

diff --git a/src/router.c b/src/router.c
index 526f9c25b12de4963b890fcc4dcec97ec275b59f..74d8a09d8fe44fde93f145133bfaac50f95600a2 100644 (file)
--- a/src/router.c
+++ b/src/router.c
@@ -292,10 +292,13 @@ static uint64_t send_router_advert(struct interface *iface, const struct in6_add
                                minvalid > 1000LL * TIME_LEFT(addr->valid, now))
                        minvalid = 1000LL * TIME_LEFT(addr->valid, now);
 
+               uint32_t this_lifetime = TIME_LEFT(addr->valid, now);
+               if (this_lifetime > UINT16_MAX)
+                       this_lifetime = UINT16_MAX;
                if (((addr->addr.s6_addr[0] & 0xfe) != 0xfc || iface->default_router)
                                && adv.h.nd_ra_router_lifetime
-                               && ntohs(adv.h.nd_ra_router_lifetime) < TIME_LEFT(addr->valid, now))
-                       adv.h.nd_ra_router_lifetime = htons(TIME_LEFT(addr->valid, now));
+                               && ntohs(adv.h.nd_ra_router_lifetime) < this_lifetime)
+                       adv.h.nd_ra_router_lifetime = htons(this_lifetime);
 
                odhcpd_bmemcpy(&p->nd_opt_pi_prefix, &addr->addr,
                                (iface->ra_advrouter) ? 128 : addr->prefix);