Bug 65788 - dav_get_timeout int overflow

Summary: dav_get_timeout int overflow

Status: NEW Alias: None Product: Apache httpd-2 Classification: Unclassified Component: mod_dav (show other bugs) Version: 2.5-HEAD Hardware: PC Mac OS X 10.1 Importance: P2 normal (vote) Target Milestone: --- Assignee: Apache HTTPD Bugs Mailing List URL: Keywords: Depends on: Blocks:		Reported: 2022-01-06 19:01 UTC by Eric Covener Modified: 2022-01-06 19:01 UTC (History) CC List: 0 users

Attachments Add an attachment (proposed patch, testcase, etc.) Note You need to log in before you can comment on or make changes to this bug.

Description Eric Covener 2022-01-06 19:01:00 UTC The dav_get_timeoutfunction in "dav/main/util.c" (image1.png) returns a time_t value (aka long int). If a big enough "timeout" value is sent, the returned value can be overflowed. This issue was discovered and reported by GHSL team member @antonio-morales (Antonio Morales).

---

• Format For Printing
•  - XML
•  - Clone This Bug
•  - Top of page

This is ASF Bugzilla: the Apache Software Foundation bug system. In case of problems with the functioning of ASF Bugzilla, please contact bugzilla-admin@apache.org. Please Note: this e-mail address is only for reporting problems with ASF Bugzilla. Mail about any other subject will be silently ignored.

• • Home
  • | New
  • | Browse
  • | Search
  • |
    [?]
  • | Reports
  • | Help
  • | New Account
  • | Log In
    Remember [x]
  • | Forgot Password
    Login: [x]