Curl_socket_check: add extra check to avoid integer overflow

2016-10-18 09:45:34 +02:00 · 2016-10-18 09:45:34 +02:00 · 9aa2afc3a5
parent d18c546454
commit 9aa2afc3a5
1 changed files with 6 additions and 0 deletions
--- a/lib/select.c
+++ b/lib/select.c
@ -165,6 +165,12 @@ int Curl_socket_check(curl_socket_t readfd0, /* two sockets to read from */
  int r;
  int ret;

+#if SIZEOF_LONG != SIZEOF_INT
+  /* wrap-around precaution */
+  if(timeout_ms >= INT_MAX)
+    timeout_ms = INT_MAX;
+#endif
+
  if((readfd0 == CURL_SOCKET_BAD) && (readfd1 == CURL_SOCKET_BAD) &&
     (writefd == CURL_SOCKET_BAD)) {
    /* no sockets, just wait */