From 6d30673fedec2d251f4962c526fd0451f70c4d97 Mon Sep 17 00:00:00 2001
From: "dtucker@openbsd.org" <dtucker@openbsd.org>
Date: Mon, 11 Jan 2021 02:12:57 +0000
Subject: upstream: Change convtime() from returning long to returning int.

On platforms where sizeof(int) != sizeof(long), convtime could accept values
>MAX_INT which subsequently truncate when stored in an int during config
parsing.  bz#3250, ok djm@

OpenBSD-Commit-ID: 8fc932683d6b4660d52f50911d62bd6639c5db31
---
 misc.c      | 10 +++++-----
 misc.h      |  4 ++--
 ssh-add.c   | 10 +++++-----
 ssh-agent.c |  4 ++--
 4 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/misc.c b/misc.c
index 68feebf7..a4a3f2e2 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.157 2020/12/22 00:12:22 djm Exp $ */
+/* $OpenBSD: misc.c,v 1.158 2021/01/11 02:12:57 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005-2020 Damien Miller.  All rights reserved.
@@ -543,7 +543,7 @@ a2tun(const char *s, int *remote)
  *
  * Return -1 if time string is invalid.
  */
-long
+int
 convtime(const char *s)
 {
 	long total, secs, multiplier;
@@ -560,7 +560,7 @@ convtime(const char *s)
 	while (*p) {
 		secs = strtol(p, &endp, 10);
 		if (p == endp ||
-		    (errno == ERANGE && (secs == LONG_MIN || secs == LONG_MAX)) ||
+		    (errno == ERANGE && (secs == INT_MIN || secs == INT_MAX)) ||
 		    secs < 0)
 			return -1;
 
@@ -591,10 +591,10 @@ convtime(const char *s)
 		default:
 			return -1;
 		}
-		if (secs >= LONG_MAX / multiplier)
+		if (secs >= INT_MAX / multiplier)
 			return -1;
 		secs *= multiplier;
-		if  (total >= LONG_MAX - secs)
+		if  (total >= INT_MAX - secs)
 			return -1;
 		total += secs;
 		if (total < 0)
diff --git a/misc.h b/misc.h
index c60fe202..558ba5a3 100644
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.91 2020/12/22 00:12:22 djm Exp $ */
+/* $OpenBSD: misc.h,v 1.92 2021/01/11 02:12:57 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -67,7 +67,7 @@ char	*colon(char *);
 int	 parse_user_host_path(const char *, char **, char **, char **);
 int	 parse_user_host_port(const char *, char **, char **, int *);
 int	 parse_uri(const char *, const char *, char **, char **, int *, char **);
-long	 convtime(const char *);
+int	 convtime(const char *);
 const char *fmt_timeframe(time_t t);
 char	*tilde_expand_filename(const char *, uid_t);
 
diff --git a/ssh-add.c b/ssh-add.c
index 28d5bea3..7edb9f9a 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.158 2020/10/18 11:32:02 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.159 2021/01/11 02:12:58 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -91,7 +91,7 @@ static char *default_files[] = {
 static int fingerprint_hash = SSH_FP_HASH_DEFAULT;
 
 /* Default lifetime (0 == forever) */
-static long lifetime = 0;
+static int lifetime = 0;
 
 /* User has to confirm key use */
 static int confirm = 0;
@@ -372,7 +372,7 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag,
 			    filename, comment);
 			if (lifetime != 0) {
 				fprintf(stderr,
-				    "Lifetime set to %ld seconds\n", lifetime);
+				    "Lifetime set to %d seconds\n", lifetime);
 			}
 			if (confirm != 0) {
 				fprintf(stderr, "The user must confirm "
@@ -427,7 +427,7 @@ add_file(int agent_fd, const char *filename, int key_only, int qflag,
 		fprintf(stderr, "Certificate added: %s (%s)\n", certpath,
 		    private->cert->key_id);
 		if (lifetime != 0) {
-			fprintf(stderr, "Lifetime set to %ld seconds\n",
+			fprintf(stderr, "Lifetime set to %d seconds\n",
 			    lifetime);
 		}
 		if (confirm != 0) {
@@ -610,7 +610,7 @@ load_resident_keys(int agent_fd, const char *skprovider, int qflag)
 			    sshkey_type(keys[i]), fp);
 			if (lifetime != 0) {
 				fprintf(stderr,
-				    "Lifetime set to %ld seconds\n", lifetime);
+				    "Lifetime set to %d seconds\n", lifetime);
 			}
 			if (confirm != 0) {
 				fprintf(stderr, "The user must confirm "
diff --git a/ssh-agent.c b/ssh-agent.c
index 93f04f26..d231182d 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.267 2020/11/08 22:37:24 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.268 2021/01/11 02:12:58 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -164,7 +164,7 @@ u_char lock_salt[LOCK_SALT_SIZE];
 extern char *__progname;
 
 /* Default lifetime in seconds (0 == forever) */
-static long lifetime = 0;
+static int lifetime = 0;
 
 static int fingerprint_hash = SSH_FP_HASH_DEFAULT;
 
-- 
cgit v1.2.3