From fa56513034c839e444ab7ca986ddb178dece86c7 Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <shemminger@osdl.org>
Date: Thu, 19 Oct 2006 13:10:26 -0700
Subject: [PATCH] Trap possible overflow in usec values to netem If user asks
 for large usec value it could overflow 32 bits.

Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
---
 tc/q_netem.c | 5 +++++
 tc/tc_core.c | 9 +++++++++
 tc/tc_core.h | 1 +
 3 files changed, 15 insertions(+)

diff --git a/tc/q_netem.c b/tc/q_netem.c
index 757edcae..7fbc771c 100644
--- a/tc/q_netem.c
+++ b/tc/q_netem.c
@@ -111,6 +111,11 @@ static int get_ticks(__u32 *ticks, const char *str)
 	if(get_usecs(&t, str))
 		return -1;
 	
+	if (tc_core_usec2big(t)) {
+		fprintf(stderr, "Illegal %d usecs (too large)\n", t);
+		return -1;
+	}
+
 	*ticks = tc_core_usec2tick(t);
 	return 0;
 }
diff --git a/tc/tc_core.c b/tc/tc_core.c
index 07cf2fa9..10c375ef 100644
--- a/tc/tc_core.c
+++ b/tc/tc_core.c
@@ -27,6 +27,15 @@ static __u32 t2us=1;
 static __u32 us2t=1;
 static double tick_in_usec = 1;
 
+int tc_core_usec2big(long usec)
+{
+	__u64 t = usec;
+
+	t *= tick_in_usec;
+	return (t >> 32) != 0;
+}
+
+
 long tc_core_usec2tick(long usec)
 {
 	return usec*tick_in_usec;
diff --git a/tc/tc_core.h b/tc/tc_core.h
index 1537f95a..65611b6d 100644
--- a/tc/tc_core.h
+++ b/tc/tc_core.h
@@ -4,6 +4,7 @@
 #include <asm/types.h>
 #include <linux/pkt_sched.h>
 
+int  tc_core_usec2big(long usec);
 long tc_core_usec2tick(long usec);
 long tc_core_tick2usec(long tick);
 unsigned tc_calc_xmittime(unsigned rate, unsigned size);