From: Bodo Möller <bodo@openssl.org>
Date: Fri, 30 Dec 2005 23:52:20 +0000 (+0000)
Subject: Rewrite timeout computation in a way that is less prone to overflow.
X-Git-Tag: OpenSSL_FIPS_1_0~42
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d9ba7079b87b6d71d1489d4fba7e5b47afda8e17;p=oweals%2Fopenssl.git

Rewrite timeout computation in a way that is less prone to overflow.

(Problem reported by Peter Sylvester.)
---

diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
index 5f12aa361c..868a207a1f 100644
--- a/ssl/ssl_sess.c
+++ b/ssl/ssl_sess.c
@@ -377,7 +377,7 @@ int ssl_get_prev_session(SSL *s, unsigned char *session_id, int len)
 	CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
 #endif
 
-	if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
+	if (ret->timeout < (long)(time(NULL) - ret->time)) /* timeout */
 		{
 		s->ctx->stats.sess_timeout++;
 		/* remove it from the cache */