- djm@cvs.openbsd.org 2013/06/22 06:31:57

[scp.c] improved time_t overflow check suggested by guenther@
author: djm <djm> 2013-07-18 06:11:25 +0000
committer: djm <djm> 2013-07-18 06:11:25 +0000
commit: f08e680edf004014cd64105c1c2ace3eb37de3cc (patch)
tree: 09332eca668438c396b74c4d0d6270fe4c6fe9c5 /scp.c
parent: afbc1e38ea311c4e9ff6b56f1ed5f0d41bde6c44 (diff)
download: openssh-f08e680edf004014cd64105c1c2ace3eb37de3cc.tar.gz
1 files changed, 5 insertions, 3 deletions
diff --git a/scp.c b/scp.c
index 958faf3f..28ded5e9 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.177 2013/06/21 05:43:10 djm Exp $ */
+/* $OpenBSD: scp.c,v 1.178 2013/06/22 06:31:57 djm Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -976,7 +976,8 @@ sink(int argc, char **argv)
 			ull = strtoull(cp, &cp, 10);
 			if (!cp || *cp++ != ' ')
 				SCREWUP("mtime.sec not delimited");
-			if ((time_t)ull < 0 || ull > LLONG_MAX)
+			if ((time_t)ull < 0 ||
+			    (unsigned long long)(time_t)ull != ull)
 				setimes = 0;	/* out of range */
 			mtime.tv_sec = ull;
 			mtime.tv_usec = strtol(cp, &cp, 10);
@@ -988,7 +989,8 @@ sink(int argc, char **argv)
 			ull = strtoull(cp, &cp, 10);
 			if (!cp || *cp++ != ' ')
 				SCREWUP("atime.sec not delimited");
-			if ((time_t)ull < 0 || ull > LLONG_MAX)
+			if ((time_t)ull < 0 ||
+			    (unsigned long long)(time_t)ull != ull)
 				setimes = 0;	/* out of range */
 			atime.tv_sec = ull;
 			atime.tv_usec = strtol(cp, &cp, 10);
author	djm <djm>	2013-07-18 06:11:25 +0000
committer	djm <djm>	2013-07-18 06:11:25 +0000
commit	f08e680edf004014cd64105c1c2ace3eb37de3cc (patch)
tree	09332eca668438c396b74c4d0d6270fe4c6fe9c5 /scp.c
parent	afbc1e38ea311c4e9ff6b56f1ed5f0d41bde6c44 (diff)
download	openssh-f08e680edf004014cd64105c1c2ace3eb37de3cc.tar.gz