[PATCH 2/2] os: Work around integer overflow in TimerSet.
Cyril Brulebois
kibi at debian.org
Sun Mar 6 11:39:47 PST 2011
If TimerSet gets called with a big timeout, this call can overflow:
millis += now;
Detect overflow and set millis to the maximal integer when that happens,
to avoid falling in the “already expired” case.
This is the second (and last) patch to fix the following bugs.
Debian Bug 616667 <http://bugs.debian.org/616667>
X.Org Bug 35066 <http://bugs.freedesktop.org/show_bug.cgi?id=35066>
Signed-off-by: Cyril Brulebois <kibi at debian.org>
---
os/WaitFor.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/os/WaitFor.c b/os/WaitFor.c
index d44e00b..39f506e 100644
--- a/os/WaitFor.c
+++ b/os/WaitFor.c
@@ -461,7 +461,8 @@ TimerSet(OsTimerPtr timer, int flags, CARD32 millis,
}
else {
timer->delta = millis;
- millis += now;
+ /* Avoid overflow with big values */
+ millis = (millis + now > millis) ? (millis + now) : ((CARD32)(~0));
}
timer->expires = millis;
timer->callback = func;
--
1.7.4.1
More information about the xorg-devel
mailing list