[Bug 2170] New: Potential integer overflow
bugzilla-daemon at natsu.mindrot.org
bugzilla-daemon at natsu.mindrot.org
Tue Nov 12 15:08:51 EST 2013
https://bugzilla.mindrot.org/show_bug.cgi?id=2170
Bug ID: 2170
Summary: Potential integer overflow
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: sshd
Assignee: unassigned-bugs at mindrot.org
Reporter: loganaden at gmail.com
Created attachment 2373
--> https://bugzilla.mindrot.org/attachment.cgi?id=2373&action=edit
potential_overflow_fix
in serverloop.c:
max_time_milliseconds = options.client_alive_interval * 1000;
client_alive_interval is declare as int.
int client_alive_interval; /*
* poke the client this often
to
* see if it's still there
max_time_milliseconds is declared as u_int64_t.
Can this potentially result in an overflow due to multiplication ?
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list