dovecot-1.1: Avoid integer overflows when calculating with very ...

dovecot at dovecot.org dovecot at dovecot.org
Sun Nov 30 04:20:25 EET 2008


details:   http://hg.dovecot.org/dovecot-1.1/rev/75f36619846f
changeset: 8027:75f36619846f
user:      Timo Sirainen <tss at iki.fi>
date:      Sun Nov 30 04:20:03 2008 +0200
description:
Avoid integer overflows when calculating with very large timeout values.

diffstat:

1 file changed, 9 insertions(+), 4 deletions(-)
src/lib/ioloop.c |   13 +++++++++----

diffs (34 lines):

diff -r e24a2528ce21 -r 75f36619846f src/lib/ioloop.c
--- a/src/lib/ioloop.c	Sun Nov 30 04:03:35 2008 +0200
+++ b/src/lib/ioloop.c	Sun Nov 30 04:20:03 2008 +0200
@@ -188,6 +188,8 @@ static int timeout_get_wait_time(struct 
 		tv_r->tv_sec = tv_now->tv_sec;
 		tv_r->tv_usec = tv_now->tv_usec;
 	}
+	i_assert(tv_r->tv_sec > 0);
+	i_assert(timeout->next_run.tv_sec > 0);
 
 	tv_r->tv_sec = timeout->next_run.tv_sec - tv_r->tv_sec;
 	tv_r->tv_usec = timeout->next_run.tv_usec - tv_r->tv_usec;
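Review bot: The two added `i_assert` lines carry no comment saying what they protect, yet they are the only thing keeping the `tv_sec` subtraction directly below them in range. A line such as `/* both timestamps are positive, so the subtraction below cannot overflow */` above them would record that. If `i_assert` aborts the process on failure, as assertion macros usually do, an unset `next_run` or a zero clock reading now terminates the process instead of producing a wrong wait time; that is presumably intended but worth stating. The overflow could also arise earlier, where `next_run` is computed from the timeout's millisecond value; that code is outside this hunk and should be checked separately. `timeout_get_wait_time` begins above the hunk.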
@@ -196,14 +198,17 @@ static int timeout_get_wait_time(struct 
 		tv_r->tv_usec += 1000000;
 	}
 
-	/* round wait times up to next millisecond */
-	ret = tv_r->tv_sec * 1000 + (tv_r->tv_usec + 999) / 1000;
-	if (ret <= 0) {
+	if (tv_r->tv_sec < 0 || (tv_r->tv_sec == 0 && tv_r->tv_usec < 1000)) {
 		tv_r->tv_sec = 0;
 		tv_r->tv_usec = 0;
 		return 0;
 	}
-	i_assert(tv_r->tv_sec >= 0 && tv_r->tv_usec >= 0);
+	if (tv_r->tv_sec > INT_MAX/1000-1)
+		tv_r->tv_sec = INT_MAX/1000-1;
+
+	/* round wait times up to next millisecond */
+	ret = tv_r->tv_sec * 1000 + (tv_r->tv_usec + 999) / 1000;
+	i_assert(ret > 0 && tv_r->tv_sec >= 0 && tv_r->tv_usec >= 0);
 	return ret;
 }
 
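Review bot: The new early return treats any wait shorter than one millisecond (`tv_sec == 0 && tv_usec < 1000`) as already expired, whereas the removed code rounded such waits up to 1 ms, so the retained comment "round wait times up to next millisecond" no longer describes the sub-millisecond case. If firing up to 999 µs early is intended, say so above the test, e.g. `/* waits under 1 ms are reported as expired */`; if not, the second half of the test could be `tv_r->tv_usec <= 0`, which still leaves `ret > 0` for the final assert. The clamp value `INT_MAX/1000-1` is written twice and would read better as a named constant with a comment that it keeps `tv_sec * 1000` plus the rounded-up millisecond within `int`. The start of the function is outside the hunk, so `ret` is assumed to be `int` from the `static int` in the hunk header.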

