From c3857eca70e3bf293fff2fe0b3766cfcad1b1251 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg
Date: Sat, 14 Dec 2024 23:09:16 +0100
Subject: [PATCH] altsvc: avoid integer overflow in expire calculation

A bad value here just makes for a bad alt-svc experience, not a security problem.
Detected by OSS-Fuzz
Bug: https://issues.oss-fuzz.com/issues/383911309
Closes #15745
Conflict:context adapt
Reference:https://github.com/curl/curl/commit/c3857eca70e3bf293fff2fe0b3766cfcad1b1251
---
 lib/altsvc.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/altsvc.c b/lib/altsvc.c
index a3ab368c5014..62f2c545fe55 100644
--- a/lib/altsvc.c
+++ b/lib/altsvc.c
@@ -659,9 +659,13 @@ CURLcode Curl_altsvc_parse(struct Curl_easy *data,
 srcalpnid, dstalpnid, srcport, dstport);
 if(as) {
- /* The expires time also needs to take the Age: value (if any) into
- account. [See RFC 7838 section 3.1] */
- as->expires = maxage + time(NULL);
+ time_t secs = time(NULL);
+ /* The expires time also needs to take the Age: value (if any)
+ into account. [See RFC 7838 section 3.1] */
+ if(maxage > (TIME_T_MAX - secs))
+ as->expires = TIME_T_MAX;
+ else
+ as->expires = maxage + secs;
 as->persist = persist;
 Curl_llist_insert_next(&asi->list, asi->list.tail, as, &as->node);
 infof(data, "Added alt-svc: %s:%d over %s", dsthost, dstport,
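Review bot: The new guard `if(maxage > (TIME_T_MAX - secs))` is only overflow-free while `secs` is non-negative; `time()` may return `(time_t)-1` on failure, and with a signed `time_t` the subtraction `TIME_T_MAX - secs` would then overflow itself. Normalising the clock value first, for example `if(secs < 0) secs = 0;` right after `time_t secs = time(NULL);`, keeps both expressions defined and makes the entry expire early rather than never. The declaration and parsing of `maxage` lie outside this hunk (Curl_altsvc_parse starts and ends beyond it), so whether it can be negative or of a different width than `time_t` should be confirmed there. Because the message marks this as a context-adapted backport, it is also worth confirming that `TIME_T_MAX` is defined in the target tree, and adding a comment on the branch such as `/* clamp to TIME_T_MAX instead of overflowing on a huge max-age */`, since the retained Age: comment does not describe the clamp.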