[glib/glib-2-52] gsocket: Fix potential multiplication overflow calculating timeout



commit 20fcc2d1cbb4f790f862ed20517935a68a3f9608
Author: Philip Withnall <withnall endlessm com>
Date:   Mon Apr 3 11:56:43 2017 +0100

    gsocket: Fix potential multiplication overflow calculating timeout
    
    socket->priv->timeout is only a guint, and the multiplication is
    performed before it’s widened to gint64 to be stored in start_time
    (thanks, C). This means any timeout of 50 days or more would overflow.
    Fixing this bug makes me feel a real sense of self-worth.
    
    Coverity ID: 1159478
    
    Signed-off-by: Philip Withnall <withnall endlessm com>

 gio/gsocket.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/gio/gsocket.c b/gio/gsocket.c
index c7555ba..c5fc855 100644
--- a/gio/gsocket.c
+++ b/gio/gsocket.c
@@ -3857,7 +3857,7 @@ g_socket_condition_timed_wait (GSocket       *socket,
 
   if (socket->priv->timeout &&
       (timeout < 0 || socket->priv->timeout < timeout / G_USEC_PER_SEC))
-    timeout = socket->priv->timeout * 1000;
+    timeout = (gint64) socket->priv->timeout * 1000;
   else if (timeout != -1)
     timeout = timeout / 1000;
 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]