From aa346c5abc83927e7ddfdd502701734594591e43 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@cvs.openbsd.org>
Date: Sat, 22 Jun 2013 06:31:58 +0000
Subject: improved time_t overflow check suggested by guenther@

---
 usr.bin/ssh/scp.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'usr.bin/ssh/scp.c')

diff --git a/usr.bin/ssh/scp.c b/usr.bin/ssh/scp.c
index ad08bc0ca1d..7bb921bbb2c 100644
--- a/usr.bin/ssh/scp.c
+++ b/usr.bin/ssh/scp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: scp.c,v 1.177 2013/06/21 05:43:10 djm Exp $ */
+/* $OpenBSD: scp.c,v 1.178 2013/06/22 06:31:57 djm Exp $ */
 /*
  * scp - secure remote copy.  This is basically patched BSD rcp which
  * uses ssh to do the data transfer (instead of using rcmd).
@@ -955,7 +955,8 @@ sink(int argc, char **argv)
 			ull = strtoull(cp, &cp, 10);
 			if (!cp || *cp++ != ' ')
 				SCREWUP("mtime.sec not delimited");
-			if ((time_t)ull < 0 || ull > LLONG_MAX)
+			if ((time_t)ull < 0 ||
+			    (unsigned long long)(time_t)ull != ull)
 				setimes = 0;	/* out of range */
 			mtime.tv_sec = ull;
 			mtime.tv_usec = strtol(cp, &cp, 10);
@@ -967,7 +968,8 @@ sink(int argc, char **argv)
 			ull = strtoull(cp, &cp, 10);
 			if (!cp || *cp++ != ' ')
 				SCREWUP("atime.sec not delimited");
-			if ((time_t)ull < 0 || ull > LLONG_MAX)
+			if ((time_t)ull < 0 ||
+			    (unsigned long long)(time_t)ull != ull)
 				setimes = 0;	/* out of range */
 			atime.tv_sec = ull;
 			atime.tv_usec = strtol(cp, &cp, 10);
-- 
cgit v1.2.3