nscd: Use time_t for return type of addgetnetgrentX

Using int may give false results for future dates (timeouts after the
year 2028).

Fixes commit 04a21e050d64a1193a6daab872bca2528bda44b ("CVE-2024-33601,
CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX
(bug 31680)").

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c
index 4b35498e3ff9585be7d4bf843f3d2455bf088411..5fdcf4204ef73dd27dd74e6a1e1aefdec15621c0 100644 (file)
--- a/nscd/netgroupcache.c
+++ b/nscd/netgroupcache.c
@@ -680,8 +680,8 @@ readdinnetgr (struct database_dyn *db, struct hashentry *he,
       .key_len = he->len
     };
 
-  int timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner,
-                            he, dh);
+  time_t timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner,
+                               he, dh);
   if (timeout < 0)
     timeout = 0;
   return timeout;