From e0055ec950a7a2822c7758c9935cfff3e1e7c867 Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Sun, 21 Jan 2024 13:05:51 +0100
Subject: pam_faildelay: support UINT_MAX delay on 32 bit

Use strtoll to support up to 64 bit on 32 bit systems, although only up
to 32 unsigned bits are used. The strtoul function exists but converts
negative numbers to positive ones without any form of warning.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
---
 modules/pam_faildelay/pam_faildelay.c | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/modules/pam_faildelay/pam_faildelay.c b/modules/pam_faildelay/pam_faildelay.c
index fba48c9b..79a381bf 100644
--- a/modules/pam_faildelay/pam_faildelay.c
+++ b/modules/pam_faildelay/pam_faildelay.c
@@ -79,12 +79,12 @@
 
 /* --- authentication management functions (only) --- */
 
-static long parse_delay(const char *val)
+static long long parse_delay(const char *val)
 {
-    long delay;
+    long long delay;
     char *endptr;
 
-    delay = strtol (val, &endptr, 10);
+    delay = strtoll (val, &endptr, 10);
     if (delay == 0 && val == endptr)
       return -1;
     return delay;
@@ -94,14 +94,14 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
 			int argc, const char **argv)
 {
     int i, debug_flag = 0;
-    long delay = -1;
+    long long delay = -1;
 
     /* step through arguments */
     for (i = 0; i < argc; i++) {
 	const char *val = pam_str_skip_prefix (argv[i], "delay=");
 	if (val != NULL) {
 	  delay = parse_delay (val);
-	  if (delay < 0 || (unsigned long) delay > UINT_MAX)
+	  if (delay < 0 || (unsigned long long) delay > UINT_MAX)
 	    {
 	      pam_syslog (pamh, LOG_ERR, "%s (%s) not valid", argv[i], val);
 	      return PAM_IGNORE;
@@ -120,7 +120,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
 	  return PAM_IGNORE;
 
 	delay = parse_delay (val);
-	if (delay < 0 || (unsigned long) delay > UINT_MAX / S_TO_MICROS)
+	if (delay < 0 || (unsigned long long) delay > UINT_MAX / S_TO_MICROS)
 	  {
 	    pam_syslog (pamh, LOG_ERR, "FAIL_DELAY=%s in %s not valid",
 			val, LOGIN_DEFS);
@@ -134,9 +134,9 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
       }
 
     if (debug_flag)
-      pam_syslog (pamh, LOG_DEBUG, "setting fail delay to %ld", delay);
+      pam_syslog (pamh, LOG_DEBUG, "setting fail delay to %lld", delay);
 
-    i = pam_fail_delay(pamh, delay);
+    i = pam_fail_delay(pamh, (unsigned int) delay);
     if (i == PAM_SUCCESS)
       return PAM_IGNORE;
     else
-- 
cgit v1.2.3