From 68d9a31c8857d8766cdfafe85deb46ad563784d8 Mon Sep 17 00:00:00 2001
From: dtucker <dtucker@openbsd.org>
Date: Thu, 19 Dec 2013 00:19:12 +0000
Subject: Cast client_alive_interval to u_int64_t before assinging to
 max_time_milliseconds to avoid potential integer overflow in the timeout.
 bz#2170, patch from Loganaden Velvindron, ok djm@

---
 usr.bin/ssh/serverloop.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c
index bb0c617ac66..58eeba10ca1 100644
--- a/usr.bin/ssh/serverloop.c
+++ b/usr.bin/ssh/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.168 2013/07/12 00:19:59 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.169 2013/12/19 00:19:12 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -297,7 +297,8 @@ wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, int *maxfdp,
 	if (compat20 &&
 	    max_time_milliseconds == 0 && options.client_alive_interval) {
 		client_alive_scheduled = 1;
-		max_time_milliseconds = options.client_alive_interval * 1000;
+		max_time_milliseconds =
+		    (u_int64_t)options.client_alive_interval * 1000;
 	}
 
 	if (compat20) {
-- 
cgit v1.2.3-59-g8ed1b