local: check offset sanity before accumulation

Don't accept an offset that points to time before 1970 or outside the interval to which is mapped NTP time.
2025-12-03 17:35:06 -05:00 · 2015-04-07 14:58:58 +02:00
parent 183a648d01
commit aec97397e8
8 changed files with 77 additions and 13 deletions
--- a/util.c
+++ b/util.c
@@ -606,6 +606,36 @@ UTI_Int64ToTimeval(NTP_int64 *src,

 /* ================================================== */

+/* Maximum offset between two sane times */
+#define MAX_OFFSET 4294967296.0
+
+int
+UTI_IsTimeOffsetSane(struct timeval *tv, double offset)
+{
+  double t;
+
+  /* Handle nan correctly here */
+  if (!(offset > -MAX_OFFSET && offset < MAX_OFFSET))
+    return 0;
+
+  UTI_TimevalToDouble(tv, &t);
+  t += offset;
+
+  /* Time before 1970 is not considered valid */
+  if (t < 0.0)
+    return 0;
+
+#ifdef HAVE_LONG_TIME_T
+  /* Check if it's in the interval to which NTP time is mapped */
+  if (t < (double)NTP_ERA_SPLIT || t > (double)(NTP_ERA_SPLIT + (1LL << 32)))
+    return 0;
+#endif
+
+  return 1;
+}
+
+/* ================================================== */
+
 void
 UTI_TimevalNetworkToHost(Timeval *src, struct timeval *dest)
 {