From be33db0e42e5e59d906207286b713c623008474c Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 23 Sep 2019 22:49:05 +0100
Subject: [PATCH] curl: Timeout is unsigned, so cannot be < 0.

However we must check that it is <= LONG_MAX.

Thanks: Eric Blake for pointing out the error.
Fixes commit c4c89d697236cf791ba8527a713bc8635a030e3b
---
 plugins/curl/curl.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/plugins/curl/curl.c b/plugins/curl/curl.c
index b84a7fc2..c7cbec4c 100644
--- a/plugins/curl/curl.c
+++ b/plugins/curl/curl.c
@@ -46,6 +46,7 @@
 #include <stdbool.h>
 #include <stdint.h>
 #include <inttypes.h>
+#include <limits.h>
 #include <string.h>
 #include <unistd.h>
 #include <errno.h>
@@ -206,8 +207,11 @@ curl_config (const char *key, const char *value)
   else if (strcmp (key, "timeout") == 0) {
     if (nbdkit_parse_uint32_t ("timeout", value, &timeout) == -1)
       return -1;
-    if (timeout < 0) {
-      nbdkit_error ("'timeout' must be 0 or a positive timeout in seconds");
+    /* C17 5.2.4.2.1 requires that LONG_MAX is at least 2^31 - 1.
+     * However a large positive number might still exceed the limit.
+     */
+    if (timeout > LONG_MAX) {
+      nbdkit_error ("timeout is too large");
       return -1;
     }
   }
-- 
2.11.4.GIT