diff options
author | Daniel Stenberg <daniel@haxx.se> | 2019-07-29 22:10:13 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2019-07-30 08:17:01 +0200 |
commit | db0a0dfb0eb41d39273b0590b992df58f38b9a4d (patch) | |
tree | cd429784d6d1a110620bf14ca745e19e21b85b1e /src/tool_getparam.c | |
parent | d23e87d551d2d99201d7eb275029b6f0660f5136 (diff) | |
download | curl-db0a0dfb0eb41d39273b0590b992df58f38b9a4d.tar.gz |
curl: cap the maximum allowed values for retry time arguments
... to avoid integer overflows later when multiplying with 1000 to
convert seconds to milliseconds.
Added test 1269 to verify.
Reported-by: Jason Lee
Closes #4166
Diffstat (limited to 'src/tool_getparam.c')
-rw-r--r-- | src/tool_getparam.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/tool_getparam.c b/src/tool_getparam.c index d0336351a..77a77da70 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -911,12 +911,12 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ config->retry_connrefused = toggle; break; case 'h': /* --retry-delay */ - err = str2unum(&config->retry_delay, nextarg); + err = str2unummax(&config->retry_delay, nextarg, LONG_MAX/1000); if(err) return err; break; case 'i': /* --retry-max-time */ - err = str2unum(&config->retry_maxtime, nextarg); + err = str2unummax(&config->retry_maxtime, nextarg, LONG_MAX/1000); if(err) return err; break; |