mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-10-27 14:41:28 +01:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: acme: avoid overflow when diff > notAfter

Browse Source 
Avoid an overflow or a negative value if notAfter < diff.

This is unlikely to provoke any problem.

Fixes issue #3138.

Must be backported to 3.2.
This commit is contained in:
William Lallemand 2025-10-07 10:54:58 +02:00
parent 69bd253b23
commit 45fba1db27
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/acme.c
View File

@ -2425,8 +2425,10 @@ static time_t acme_schedule_date(struct ckch_store *store)
} else { } else {
diff = 7 * 24 * 60 * 60; /* default to 7 days */ diff = 7 * 24 * 60 * 60; /* default to 7 days */
} }
if (notAfter > diff) /* avoid overflow */
return (notAfter - diff); return (notAfter - diff);
else
return 1; /* epoch+1 is long way expired */
} }
/* /*