From 39c2bcd46244e278fb8f9c4f6a8c60b16930335d Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar
Date: Fri, 10 Apr 2015 09:30:52 +0200
Subject: [PATCH] util: don't allow time too close to 32-bit time_t overflow
In UTI_IsTimeOffsetSane() consider time in one year interval before 32-bit time_t overflow (in 2038) as invalid. Hopefully everything will be using 64-bit time_t when that time comes.
---
 util.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/util.c b/util.c
index e400d96..d82e5fa 100644
--- a/util.c
+++ b/util.c
@@ -609,6 +609,9 @@ UTI_Int64ToTimeval(NTP_int64 *src,
 /* Maximum offset between two sane times */
 #define MAX_OFFSET 4294967296.0
+/* Minimum allowed distance from maximum 32-bit time_t */
+#define MIN_ENDOFTIME_DISTANCE (365 * 24 * 3600)
+
 int
 UTI_IsTimeOffsetSane(struct timeval *tv, double offset)
 {
@@ -629,6 +632,10 @@ UTI_IsTimeOffsetSane(struct timeval *tv, double offset)
 /* Check if it's in the interval to which NTP time is mapped */
 if (t < (double)NTP_ERA_SPLIT || t > (double)(NTP_ERA_SPLIT + (1LL << 32)))
 return 0;
+#else
+ /* Don't get too close to 32-bit time_t overflow */
+ if (t > (double)(0x7fffffff - MIN_ENDOFTIME_DISTANCE))
+ return 0;
 #endif
 return 1;
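Review bot: The `#else` branch of UTI_IsTimeOffsetSane() treats `0x7fffffff` as the largest `time_t` whenever `HAVE_LONG_TIME_T` is not defined, and neither its comment nor the one on `MIN_ENDOFTIME_DISTANCE` in the first hunk states that assumption. I would spell out both the assumption and the resulting cutoff, e.g. `/* time_t assumed signed 32-bit here: reject anything after 2037-01-19 03:14:07 UTC, one year before it overflows */`. From that date on, such builds will presumably reject every time they are offered, so a return of 0 no longer distinguishes an implausible server reply from the clock simply reaching the limit. Whether callers log or otherwise surface that case cannot be checked here, because the function body starts above the hunk and the callers are outside it.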