Fix Coverity Scan defect 1400433. Integer overflow.

7 years ago · 0ca093060c
parent 9faad1e078
commit 0ca093060c
2 changed files with 9 additions and 3 deletions
--- a/src/persist.h
+++ b/src/persist.h
@ -58,7 +58,7 @@ struct PF_cfg{
 };

 struct PF_client{
-	uint64_t session_expiry_time;
+	int64_t session_expiry_time;
 	uint32_t session_expiry_interval;
 	uint16_t last_mid;
 	uint16_t id_len;
@ -87,7 +87,7 @@ struct P_client_msg{

 struct PF_msg_store{
 	dbid_t store_id;
-	uint64_t expiry_time;
+	int64_t expiry_time;
 	uint32_t payloadlen;
 	uint16_t source_mid;
 	uint16_t source_id_len;
--- a/src/persist_read.c
+++ b/src/persist_read.c
@ -226,6 +226,7 @@ static int persist__msg_store_chunk_restore(struct mosquitto_db *db, FILE *db_fp
 	struct P_msg_store chunk;
 	struct mosquitto_msg_store *stored = NULL;
 	struct mosquitto_msg_store_load *load;
+	int64_t message_expiry_interval64;
 	uint32_t message_expiry_interval;
 	int rc = 0;
 	int i;
@ -262,7 +263,12 @@ static int persist__msg_store_chunk_restore(struct mosquitto_db *db, FILE *db_fp
 	}

 	if(chunk.F.expiry_time > 0){
-		message_expiry_interval = chunk.F.expiry_time - time(NULL);
+		message_expiry_interval64 = chunk.F.expiry_time - time(NULL);
+		if(message_expiry_interval64 < 0 || message_expiry_interval > UINT32_MAX){
+			message_expiry_interval = 0;
+		}else{
+			message_expiry_interval = (uint32_t)message_expiry_interval64;
+		}
 	}else{
 		message_expiry_interval = 0;
 	}