Hi,

On 01-03-18 05:15, Selva Nair wrote:
> We can avoid all overflow and eliminate the check and the ASSERT
> by writing it as
> 
> time_t wakeup = (et->last - local_now) + et->n; // parens added for clarity
> 
> For the first subtraction to overflow, last and now have to differ
> by > INT_MAX (for 32 bit time_t), not something we should worry about
> (can't happen in normal operation).
> Further, the term in brackets is always negative (as now >= last),
> while et->n is positive and < INT_MAX by construction. So the final
> addition also cannot overflow. All assuming that 32 bit "now" and
> "last" are not used beyond 2037.
> 
> That would take care of this particular overflow concern.

Looking more closely at the "now" handling, I see that it indeed cannot
go back (our notion of time can, but that is managed through now_adj,
not by setting now back).

So your approach is much simpler and better.  Since that is your
solution, do you mind sending a patch?  I'll then do the review-and-ack.

-Steffan
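
The reordering discussed in this message, as an added example that is not code from the thread or from OpenVPN. It assumes a 32-bit `time_t` modelled as `int32_t`, GCC/Clang overflow builtins, and an add-first ordering as a stand-in for the expression being replaced, which the message does not quote; the function and type names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: 32-bit time_t modelled explicitly so the result does not
 * depend on the build host. Field names follow the quoted line. */
typedef int32_t time32_t;
struct event_timeout { time32_t last; int n; };

/* Assumed stand-in for the ordering being replaced: (last + n) - now.
 * Returns false if any intermediate result overflows. */
bool wakeup_add_first(const struct event_timeout *et, time32_t now, time32_t *out)
{
    time32_t sum;
    if (__builtin_add_overflow(et->last, (time32_t)et->n, &sum))
        return false;               /* last + n exceeds INT32_MAX */
    return !__builtin_sub_overflow(sum, now, out);
}

/* Ordering proposed in the quoted text: (last - now) + n.
 * With now >= last the difference is <= 0, so adding a positive n
 * cannot overflow; only a gap larger than INT32_MAX can fail. */
bool wakeup_sub_first(const struct event_timeout *et, time32_t now, time32_t *out)
{
    time32_t diff;
    if (__builtin_sub_overflow(et->last, now, &diff))
        return false;               /* last and now differ by > INT32_MAX */
    return !__builtin_add_overflow(diff, (time32_t)et->n, out);
}

int main(void)
{
    /* Constructed sample values: a timer armed close to the 2038 limit. */
    struct event_timeout et = { INT32_MAX - 100, 3600 };
    time32_t now = INT32_MAX - 90, w = 0;

    printf("add-first ok: %d\n", wakeup_add_first(&et, now, &w));
    if (wakeup_sub_first(&et, now, &w))
        printf("sub-first ok: 1, wakeup in %d s\n", (int)w);
    return 0;
}
```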

_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel