From 8993efc2a57b04799d7b51dd31a1255aef3aa930 Mon Sep 17 00:00:00 2001 From: Sohom Datta Date: Fri, 13 Oct 2023 23:01:16 +0200 Subject: [PATCH] tool_getparam: limit --rate to be smaller than number of ms Currently, curl allows users to specify absurd request rates that might be higher than the number of milliseconds in the unit (ex: curl --rate 3600050/h http://localhost:8080 does not error out despite there being only 3600000ms in a hour). This change adds a conditional check before the millisecond calculation making sure that the number is not higher than the numerator (the unit) If the number is higher, curl errors out with PARAM_NUMBER_TOO_LARGE Closes #12116 --- src/tool_getparam.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/tool_getparam.c b/src/tool_getparam.c index d9772a309a..b80d65792e 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -1043,6 +1043,12 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ break; } } + + if(denominator > numerator) { + err = PARAM_NUMBER_TOO_LARGE; + break; + } + global->ms_per_transfer = numerator/denominator; } break; -- 2.47.3