From: W.C.A. Wijngaards <wouter@nlnetlabs.nl>
Date: Mon, 15 Jun 2026 14:22:50 +0000 (+0200)
Subject: - Fix integer overflow in infra-cache-max-rtt calculation.
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=98e95d80e68be965b188f662b84e4cdae8569fa7;p=thirdparty%2Funbound.git

- Fix integer overflow in infra-cache-max-rtt calculation.
  Thanks to Qifan Zhang, Palo Alto Networks, for the report.
---

diff --git a/doc/Changelog b/doc/Changelog
index 2311deedc..a87ca8849 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -25,6 +25,8 @@
 	  lookups are in progress, for a primary name. Also after the
 	  change, it no longer picks up the old results. Thanks to
 	  Qifan Zhang, Palo Alto Networks, for the report.
+	- Fix integer overflow in infra-cache-max-rtt calculation.
+	  Thanks to Qifan Zhang, Palo Alto Networks, for the report.
 
 12 June 2026: Wouter
 	- Fix that for auth-zone and rpz zones the allow-notify
diff --git a/util/config_file.c b/util/config_file.c
index e026047ab..428633b6c 100644
--- a/util/config_file.c
+++ b/util/config_file.c
@@ -46,6 +46,7 @@
 #ifdef HAVE_TIME_H
 #include <time.h>
 #endif
+#include <limits.h>
 #include "util/log.h"
 #include "util/configyyrename.h"
 #include "util/config_file.h"
@@ -533,7 +534,11 @@ probe_maxrto(int useful_server_top_timeout) {
 int config_apply_max_rtt(int max_rtt)
 {
 	USEFUL_SERVER_TOP_TIMEOUT = max_rtt;
-	BLACKLIST_PENALTY = max_rtt*4;
+	BLACKLIST_PENALTY =
+#ifdef INT_MAX
+		(max_rtt > INT_MAX/4) ? INT_MAX :
+#endif
+		max_rtt*4;
 	PROBE_MAXRTO = probe_maxrto(max_rtt);
 	return max_rtt;
 }