If TimerSet gets called with a big timeout, this call can overflow: millis += now;
Detect overflow and set millis to the maximal integer when that happens, to avoid falling in the “already expired” case. This is the second (and last) patch to fix the following bugs. Debian Bug 616667 <http://bugs.debian.org/616667> X.Org Bug 35066 <http://bugs.freedesktop.org/show_bug.cgi?id=35066> Signed-off-by: Cyril Brulebois <[email protected]> --- os/WaitFor.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/os/WaitFor.c b/os/WaitFor.c index d44e00b..39f506e 100644 --- a/os/WaitFor.c +++ b/os/WaitFor.c @@ -461,7 +461,8 @@ TimerSet(OsTimerPtr timer, int flags, CARD32 millis, } else { timer->delta = millis; - millis += now; + /* Avoid overflow with big values */ + millis = (millis + now > millis) ? (millis + now) : ((CARD32)(~0)); } timer->expires = millis; timer->callback = func; -- 1.7.4.1 _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
