diff options
author | Jay Satiro <raysatiro@yahoo.com> | 2020-04-23 15:08:56 -0400 |
---|---|---|
committer | Jay Satiro <raysatiro@yahoo.com> | 2020-05-02 15:02:20 -0400 |
commit | 85eda4e87aa54b6412a81f8544939430fc89b8d9 (patch) | |
tree | 34d4ff070e471693b166414643d7d8f41dcfcef2 | |
parent | 0e058776c02cf8ddc753a36f9cde98cc87899d51 (diff) | |
download | curl-85eda4e87aa54b6412a81f8544939430fc89b8d9.tar.gz |
select: fix overflow protection in Curl_socket_check
Follow-up to a96c752 which changed the timeout_ms type from time_t to
timediff_t.
Ref: https://github.com/curl/curl/pull/5240
Closes https://github.com/curl/curl/pull/5286
-rw-r--r-- | lib/select.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/lib/select.c b/lib/select.c index d91b20a4b..8e4c61bbd 100644 --- a/lib/select.c +++ b/lib/select.c @@ -22,6 +22,8 @@ #include "curl_setup.h" +#include <limits.h> + #ifdef HAVE_SYS_SELECT_H #include <sys/select.h> #elif defined(HAVE_UNISTD_H) @@ -50,6 +52,7 @@ #include "urldata.h" #include "connect.h" #include "select.h" +#include "timeval.h" #include "warnless.h" /* Convenience local macros */ @@ -216,11 +219,15 @@ int Curl_socket_check(curl_socket_t readfd0, /* two sockets to read from */ int r; int ret; -#if SIZEOF_TIME_T != SIZEOF_INT - /* wrap-around precaution */ - if(timeout_ms >= INT_MAX) + /* prevent overflow. timeout_ms is typecast to time_t and int. */ +#if TIMEDIFF_T_MAX > INT_MAX + if(timeout_ms > INT_MAX) timeout_ms = INT_MAX; #endif +#if INT_MAX > TIME_T_MAX + if(timeout_ms > (int)TIME_T_MAX) + timeout_ms = (int)TIME_T_MAX; +#endif if((readfd0 == CURL_SOCKET_BAD) && (readfd1 == CURL_SOCKET_BAD) && (writefd == CURL_SOCKET_BAD)) { |