[glib] gsocket: Fix potential multiplication overflow calculating timeout

From: Philip Withnall <pwithnall src gnome org>
To: commits-list gnome org
Cc:
Subject: [glib] gsocket: Fix potential multiplication overflow calculating timeout
Date: Mon, 3 Apr 2017 11:00:01 +0000 (UTC)

commit 1f396fd7d6a88e0a45985828a57d1b1654ab1d47
Author: Philip Withnall <withnall endlessm com>
Date:   Mon Apr 3 11:56:43 2017 +0100

    gsocket: Fix potential multiplication overflow calculating timeout
    
    socket->priv->timeout is only a guint, and the multiplication is
    performed before it’s widened to gint64 to be stored in start_time
    (thanks, C). This means any timeout of 50 days or more would overflow.
    Fixing this bug makes me feel a real sense of self-worth.
    
    Coverity ID: 1159478
    
    Signed-off-by: Philip Withnall <withnall endlessm com>

 gio/gsocket.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/gio/gsocket.c b/gio/gsocket.c
index c7555ba..c5fc855 100644
--- a/gio/gsocket.c
+++ b/gio/gsocket.c
@@ -3857,7 +3857,7 @@ g_socket_condition_timed_wait (GSocket       *socket,
 
   if (socket->priv->timeout &&
       (timeout < 0 || socket->priv->timeout < timeout / G_USEC_PER_SEC))
-    timeout = socket->priv->timeout * 1000;
+    timeout = (gint64) socket->priv->timeout * 1000;
   else if (timeout != -1)
     timeout = timeout / 1000;

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]