sudo/backport-Fix-potential-signed-integer-overflow-on-32-bit-CPUs.patch

From dc8311dae99c2e6d60ecd3db6730fe84c6fe9d5b Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@sudo.ws>
Date: Fri, 27 May 2022 15:47:32 -0600
Subject: [PATCH] Fix potential signed integer overflow on 32-bit CPUs.
 Converting fractional minutes to nanoseconds could overflow a 32-bit integer,
 use long long instead.

---
 plugins/sudoers/defaults.c | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c
index d5bd8080d..ec6b64fe9 100644
--- a/plugins/sudoers/defaults.c
+++ b/plugins/sudoers/defaults.c
@@ -935,38 +935,38 @@ store_timespec(const char *str, struct sudo_defs_types *def)
 
     sudo_timespecclear(&ts);
     if (str != NULL) {
-	/* Convert from minutes to timespec. */
+	/* Convert from minutes to seconds. */
 	if (*str == '+' || *str == '-')
 	    sign = *str++;
 	while (*str != '\0' && *str != '.') {
 		if (!isdigit((unsigned char)*str))
 		    debug_return_bool(false);	/* invalid number */
 
-		/* Verify (ts.tv_sec * 10) + digit <= TIME_T_MAX. */
-		i = *str++ - '0';
+		/* Verify (ts.tv_sec * 10) + (digit * 60) <= TIME_T_MAX. */
+		i = (*str++ - '0') * 60L;
 		if (ts.tv_sec > (TIME_T_MAX - i) / 10)
 		    debug_return_bool(false);	/* overflow */
 		ts.tv_sec *= 10;
 		ts.tv_sec += i;
 	}
 	if (*str++ == '.') {
-	    /* Convert optional fractional component to nanosecs. */
+	    long long nsec = 0;
+
+	    /* Convert optional fractional component to seconds and nanosecs. */
 	    for (i = 100000000; i > 0; i /= 10) {
 		if (*str == '\0')
 		    break;
 		if (!isdigit((unsigned char)*str))
 		    debug_return_bool(false);	/* invalid number */
-		ts.tv_nsec += i * (*str++ - '0');
+		nsec += i * (*str++ - '0') * 60LL;
 	    }
-	}
-	/* Convert from minutes to seconds. */
-	if (ts.tv_sec > TIME_T_MAX / 60)
-	    debug_return_bool(false);	/* overflow */
-	ts.tv_sec *= 60;
-	ts.tv_nsec *= 60;
-	while (ts.tv_nsec >= 1000000000) {
-	    ts.tv_sec++;
-	    ts.tv_nsec -= 1000000000;
+	    while (nsec >= 1000000000) {
+		if (ts.tv_sec == TIME_T_MAX)
+		    debug_return_bool(false);	/* overflow */
+		ts.tv_sec++;
+		nsec -= 1000000000;
+	    }
+	    ts.tv_nsec = nsec;
 	}
     }
     if (sign == '-') {
-- 
2.33.0
Backport patches from upstream community 2022-11-25 12:49:32 +00:00			`From dc8311dae99c2e6d60ecd3db6730fe84c6fe9d5b Mon Sep 17 00:00:00 2001`
			`From: "Todd C. Miller" <Todd.Miller@sudo.ws>`
			`Date: Fri, 27 May 2022 15:47:32 -0600`
			`Subject: [PATCH] Fix potential signed integer overflow on 32-bit CPUs.`
			`Converting fractional minutes to nanoseconds could overflow a 32-bit integer,`
			`use long long instead.`

			`---`
			`plugins/sudoers/defaults.c \| 28 ++++++++++++++--------------`
			`1 file changed, 14 insertions(+), 14 deletions(-)`

			`diff --git a/plugins/sudoers/defaults.c b/plugins/sudoers/defaults.c`
			`index d5bd8080d..ec6b64fe9 100644`
			`--- a/plugins/sudoers/defaults.c`
			`+++ b/plugins/sudoers/defaults.c`
			`@@ -935,38 +935,38 @@ store_timespec(const char str, struct sudo_defs_types def)`

			`sudo_timespecclear(&ts);`
			`if (str != NULL) {`
			`- /* Convert from minutes to timespec. */`
			`+ /* Convert from minutes to seconds. */`
			`if (str == '+' \|\| str == '-')`
			`sign = *str++;`
			`while (str != '\0' && str != '.') {`
			`if (!isdigit((unsigned char)*str))`
			`debug_return_bool(false); /* invalid number */`

			`- /* Verify (ts.tv_sec * 10) + digit <= TIME_T_MAX. */`
			`- i = *str++ - '0';`
			`+ /* Verify (ts.tv_sec * 10) + (digit * 60) <= TIME_T_MAX. */`
			`+ i = (str++ - '0') 60L;`
			`if (ts.tv_sec > (TIME_T_MAX - i) / 10)`
			`debug_return_bool(false); /* overflow */`
			`ts.tv_sec *= 10;`
			`ts.tv_sec += i;`
			`}`
			`if (*str++ == '.') {`
			`- /* Convert optional fractional component to nanosecs. */`
			`+ long long nsec = 0;`
			`+`
			`+ /* Convert optional fractional component to seconds and nanosecs. */`
			`for (i = 100000000; i > 0; i /= 10) {`
			`if (*str == '\0')`
			`break;`
			`if (!isdigit((unsigned char)*str))`
			`debug_return_bool(false); /* invalid number */`
			`- ts.tv_nsec += i * (*str++ - '0');`
			`+ nsec += i * (str++ - '0') 60LL;`
			`}`
			`- }`
			`- /* Convert from minutes to seconds. */`
			`- if (ts.tv_sec > TIME_T_MAX / 60)`
			`- debug_return_bool(false); /* overflow */`
			`- ts.tv_sec *= 60;`
			`- ts.tv_nsec *= 60;`
			`- while (ts.tv_nsec >= 1000000000) {`
			`- ts.tv_sec++;`
			`- ts.tv_nsec -= 1000000000;`
			`+ while (nsec >= 1000000000) {`
			`+ if (ts.tv_sec == TIME_T_MAX)`
			`+ debug_return_bool(false); /* overflow */`
			`+ ts.tv_sec++;`
			`+ nsec -= 1000000000;`
			`+ }`
			`+ ts.tv_nsec = nsec;`
			`}`
			`}`
			`if (sign == '-') {`
			`--`
			`2.33.0`