From: Frank Lichtenheld <[email protected]> Coverity complained about "overflow_before_widen" because there is a theoretical overflow that can happen even though the target value is wide enough. For useful values of max_days this is irrelevant but Coverity is not wrong, so change the code accordingly.
Change-Id: Ie7308d549182a95b86cd113e4a8cc65ff45ba3d7 Signed-off-by: Frank Lichtenheld <[email protected]> Acked-by: Gert Doering <[email protected]> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1385 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1385 This mail reflects revision 1 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering <[email protected]> diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c index 318c939..9026cff 100644 --- a/src/openvpn/tls_crypt.c +++ b/src/openvpn/tls_crypt.c @@ -539,7 +539,7 @@ int64_t timestamp; memcpy(×tamp, metadata + 1, sizeof(int64_t)); timestamp = (int64_t)ntohll((uint64_t)timestamp); - int64_t max_age_in_seconds = max_days * 24 * 60 * 60; + int64_t max_age_in_seconds = (int64_t)max_days * 24 * 60 * 60; if (now - timestamp > max_age_in_seconds) { msg(M_WARN, "ERROR: Client key is too old."); _______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
