mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-09-02 15:25:58 +00:00
Code Issues Releases Wiki Activity

Correct the integer overflow check in store_timespec().

Browse Source 
Fixes oss-fuzz issue #31463
This commit is contained in:
Todd C. Miller
2021-02-26 16:43:48 -07:00
parent 963ea4151e
commit d1cc1c59e8
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
plugins/sudoers/defaults.c
View File

@@ -855,10 +855,13 @@ store_timespec(const char *str, union sudo_defs_val *sd_un)
while (*str != '\0' && *str != '.') { while (*str != '\0' && *str != '.') {
if (!isdigit((unsigned char)*str)) if (!isdigit((unsigned char)*str))
debug_return_bool(false); /* invalid number */ debug_return_bool(false); /* invalid number */
if (ts.tv_sec > TIME_T_MAX / 10)
/* Verify (ts.tv_sec * 10) + digit <= TIME_T_MAX. */
i = *str++ - '0';
if (ts.tv_sec > (TIME_T_MAX - i) / 10)
debug_return_bool(false); /* overflow */ debug_return_bool(false); /* overflow */
ts.tv_sec *= 10; ts.tv_sec *= 10;
ts.tv_sec += *str++ - '0'; ts.tv_sec += i;
} }
if (*str++ == '.') { if (*str++ == '.') {
/* Convert optional fractional component to nanosecs. */ /* Convert optional fractional component to nanosecs. */