upstream commit

Check for integer overflow when parsing times in
convtime().  Reported by nicolas.iooss at m4x.org, ok djm@

Upstream-ID: 35e6a4e98f6fa24df50bfb8ba1307cf70e966f13
dtucker@openbsd.org 2017-03-14 00:25:03 +00:00 committed by Darren Tucker
parent f5907982f4
commit f5746b40cf
1 changed files with 11 additions and 6 deletions

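--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.107 2016/11/30 00:28:31 dtucker Exp $ */
+/* $OpenBSD: misc.c,v 1.108 2017/03/14 00:25:03 dtucker Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 * Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@@ -306,7 +306,7 @@ a2tun(const char *s, int *remote)
 long
 convtime(const char *s)
 {
-long total, secs;
+long total, secs, multiplier = 1;
 const char *p;
 char *endp;
@@ -333,23 +333,28 @@ convtime(const char *s)
 break;
 case 'm':
 case 'M':
-secs *= MINUTES;
+multiplier = MINUTES;
 break;
 case 'h':
 case 'H':
-secs *= HOURS;
+multiplier = HOURS;
 break;
 case 'd':
 case 'D':
-secs *= DAYS;
+multiplier = DAYS;
 break;
 case 'w':
 case 'W':
-secs *= WEEKS;
+multiplier = WEEKS;
 break;
 default:
 return -1;
 }
+if (secs > LONG_MAX / multiplier)
+return -1;
+secs *= multiplier;
+if (total > LONG_MAX - secs)
+return -1;
 total += secs;
 if (total < 0)
 return -1;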
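Review bot: `multiplier` is set to 1 only once, at its declaration (`long total, secs, multiplier = 1;`), and the switch assigns it only in the m/h/d/w cases, so a case that breaks without assigning it reuses the value left by the previous component. The loop header and the cases above `case 'm':` are outside this hunk, but if the seconds or end-of-string case simply breaks, a constructed input such as `1m30s` would scale the 30 by MINUTES and yield a longer time than the one configured. Resetting it for each component, with `multiplier = 1;` immediately before the switch, would avoid that. The new `secs > LONG_MAX / multiplier` test also bounds only the positive side, so it relies on a negative `secs` having been rejected earlier in convtime(), which is not visible here.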