From: Alan T. DeKok <aland@freeradius.org>
Date: Wed, 7 May 2025 14:33:50 +0000 (-0400)
Subject: clean up time_delta handling
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=72bab09a1a1a91c8aa994ee57cbd432f997f3f16;p=thirdparty%2Ffreeradius-server.git

clean up time_delta handling

check if the fractions overflow the scale.

Add / sub fractions as needed
---

diff --git a/src/lib/util/cbor.c b/src/lib/util/cbor.c
index 7fba7673eee..61e6d2d9ab4 100644
--- a/src/lib/util/cbor.c
+++ b/src/lib/util/cbor.c
@@ -942,6 +942,7 @@ static ssize_t cbor_decode_time_delta(UNUSED TALLOC_CTX *ctx, fr_value_box_t *vb
 		slen = cbor_decode_int64(&fraction, &work_dbuff, FR_TYPE_TIME_DELTA);
 		if (slen < 0) return_slen;
 
+		if ((fraction < 0) || (fraction > scale)) fraction = 0;
 	} else {
 		scale = NSEC;
 		fraction = 0;
@@ -954,13 +955,15 @@ static ssize_t cbor_decode_time_delta(UNUSED TALLOC_CTX *ctx, fr_value_box_t *vb
 		vb->vb_time_delta = fr_time_delta_min();
 
 	} else {
-		/*
-		 *	We don't worry too much about positive seconds and negative nanoseconds.
-		 *
-		 *	We also don't worry too much about overflow / underflow here.
-		 */
-		fraction += seconds * scale;
-		vb->vb_time_delta = fr_time_delta_wrap(fraction);
+		seconds *= scale;
+
+		if (seconds < 0) {
+			seconds -= fraction;
+		} else {
+			seconds += fraction;
+		}
+
+		vb->vb_time_delta = fr_time_delta_wrap(seconds);
 	}
 
 	return fr_dbuff_set(dbuff, &work_dbuff);