util: check overflow in parse_nsec()

2018-10-23 22:24:16 +09:00 · 2018-10-23 22:24:16 +09:00 · f6a178e91d
parent 8079c90333
commit f6a178e91d
1 changed files with 12 additions and 2 deletions
--- a/src/basic/time-util.c
+++ b/src/basic/time-util.c
@ -1194,12 +1194,22 @@ int parse_nsec(const char *t, nsec_t *nsec) {

                for (i = 0; i < ELEMENTSOF(table); i++)
                        if (startswith(e, table[i].suffix)) {
-                                nsec_t k = (nsec_t) z * table[i].nsec;
+                                nsec_t k;
+
+                                k = ((nsec_t) -1) / table[i].nsec;
+                                if ((nsec_t) l + 1 >= k || (nsec_t) z >= k)
+                                        return -ERANGE;
+
+                                k = (nsec_t) z * table[i].nsec;

                                for (; n > 0; n--)
                                        k /= 10;

-                                r += (nsec_t) l * table[i].nsec + k;
+                                k += (nsec_t) l * table[i].nsec;
+                                if (k >= ((nsec_t) -1) - r)
+                                        return -ERANGE;
+
+                                r += k;
                                p = e + strlen(table[i].suffix);

                                something = true;