- Fix for integer overflow when printing RDF_TYPE_TIME.

author George Thessalonikefs <george@nlnetlabs.nl>

Thu, 21 May 2020 20:48:57 +0000 (22:48 +0200)

committer George Thessalonikefs <george@nlnetlabs.nl>

Thu, 21 May 2020 20:48:57 +0000 (22:48 +0200)
author George Thessalonikefs <george@nlnetlabs.nl>
Thu, 21 May 2020 20:48:57 +0000 (22:48 +0200)
committer George Thessalonikefs <george@nlnetlabs.nl>
Thu, 21 May 2020 20:48:57 +0000 (22:48 +0200)
diff --git a/doc/Changelog b/doc/Changelog

index ec84296f8745c3ed7ba36e3bd4b0edf9129629f0..75b3822d3a87ed2a9a99e11076d729cb39ea0059 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+21 May 2020: George
+       - Fix for integer overflow when printing RDF_TYPE_TIME.
+
  19 May 2020: Wouter
         - CVE-2020-12662 Unbound can be tricked into amplifying an incoming
           query into a large number of queries directed to a target.
diff --git a/sldns/parseutil.c b/sldns/parseutil.c

index 82dbc0fe113eaea1c491089f9f9d0cfa14ddb332..3515d64c5d102be3ff50c79c01178134ae96a16f 100644 (file)
--- a/sldns/parseutil.c
+++ b/sldns/parseutil.c
@@ -167,7 +167,7 @@ sldns_gmtime64_r(int64_t clock, struct tm *result)
  static int64_t
  sldns_serial_arithmetics_time(int32_t time, time_t now)
  {
-       int32_t offset = time - (int32_t) now;
+       int32_t offset = (int32_t)((uint32_t) time - (uint32_t) now);
         return (int64_t) now + offset;
  }
author	George Thessalonikefs <george@nlnetlabs.nl>
	Thu, 21 May 2020 20:48:57 +0000 (22:48 +0200)
committer	George Thessalonikefs <george@nlnetlabs.nl>
	Thu, 21 May 2020 20:48:57 +0000 (22:48 +0200)
doc/Changelog		patch \| blob \| blame \| history
sldns/parseutil.c		patch \| blob \| blame \| history