From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Thu, 27 Feb 2020 14:22:35 +0000 (+0100)
Subject: - Fix #170: Fix gcc undefined sanitizer signed integer overflow
X-Git-Tag: 1.11.0rc1~127
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=57bbbfc0e6d9884316933410994cce97b0f739a8;p=thirdparty%2Funbound.git

- Fix #170: Fix gcc undefined sanitizer signed integer overflow
  warning in signature expiry RFC1982 serial number arithmetic.
---

diff --git a/doc/Changelog b/doc/Changelog
index 7bb8e5104..407c0d34d 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,6 +1,8 @@
 27 February 2020: Wouter
 	- Fix #169: Fix warning for daemon/remote.c output may be truncated
 	  from snprintf.
+	- Fix #170: Fix gcc undefined sanitizer signed integer overflow
+	  warning in signature expiry RFC1982 serial number arithmetic.
 
 26 February 2020: Wouter
 	- iana portlist updated.
diff --git a/validator/val_sigcrypt.c b/validator/val_sigcrypt.c
index 33d206de8..de730f681 100644
--- a/validator/val_sigcrypt.c
+++ b/validator/val_sigcrypt.c
@@ -1343,7 +1343,7 @@ adjust_ttl(struct val_env* ve, uint32_t unow,
 	if(ve->date_override) {
 		now = ve->date_override;
 	} else	now = (int32_t)unow;
-	expittl = expi - now;
+	expittl = (int32_t)((uint32_t)expi - (uint32_t)now);
 
 	/* so now:
 	 * d->ttl: rrset ttl read from message or cache. May be reduced