fix: integer overflow in NNS tests in is_inactive (#1984)

In tests, `now` was observed to be set to something between 50 and 60 seconds. When `now` is set to less than 2 weeks, an integer overflow is triggered, which can cause the neuron to be incorrectly recognized as inactive. This happened during testing of `claim_neuron`. This should not affect prod because in prod, `now` should always be much larger than 2 weeks. This was discovered using TLA codelink.
dfinity · Oct 11, 2024 · c4b3c8f · c4b3c8f
1 parent 3e274c7
commit c4b3c8f
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/rs/nns/governance/src/neuron/types.rs b/rs/nns/governance/src/neuron/types.rs
@@ -954,7 +954,8 @@ impl Neuron {
 
         // 3.2: Now, we know when self is "dissolved" (could be in the past, present, or future).
         // Thus, we can evaluate whether that happened sufficiently long ago.
-        let max_dissolved_at_timestamp_seconds_to_be_inactive = now - 2 * 7 * ONE_DAY_SECONDS;
+        let max_dissolved_at_timestamp_seconds_to_be_inactive =
+            now.saturating_sub(2 * 7 * ONE_DAY_SECONDS);
         if dissolved_at_timestamp_seconds > max_dissolved_at_timestamp_seconds_to_be_inactive {
             return false;
         }