From: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Sat, 22 Aug 2020 11:23:23 +0000 (+0200)
Subject: Prevent signed overflow in get_time_seed
X-Git-Tag: json-c-0.16-20220414~37^2~20^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F662%2Fhead;p=thirdparty%2Fjson-c.git

Prevent signed overflow in get_time_seed

Casting time(2) return value to int and multiplying the result with
such a constant will definitely lead to a signed overflow by this day.

Since signed overflows are undefined behaviour in C, avoid this.

Casting to unsigned is more than enough since the upper bits of a
64 bit time_t value will be removed with the int conversion anyway.
---

diff --git a/random_seed.c b/random_seed.c
index c428da9c..b4c0afd3 100644
--- a/random_seed.c
+++ b/random_seed.c
@@ -305,7 +305,7 @@ static int get_time_seed(void)
 {
 	DEBUG_SEED("get_time_seed");
 
-	return (int)time(NULL) * 433494437;
+	return (unsigned)time(NULL) * 433494437;
 }
 
 /* json_c_get_random_seed */