From ce8e7f7cea0b4873755c99675fc2170cf7c9d31e Mon Sep 17 00:00:00 2001 From: NRK Date: Wed, 31 May 2023 03:55:08 +0600 Subject: [PATCH] options: reduce max delay to INT_MAX/1000 avoids potential multiplication overflow when the seconds are converted into milliseconds. --- src/options.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/options.c b/src/options.c index 86a6fd6e..7dafed2d 100644 --- a/src/options.c +++ b/src/options.c @@ -390,7 +390,8 @@ void optionsParse(int argc, char *argv[]) opt.delaySelection = *optarg == 'b'; if (opt.delaySelection) ++optarg; - opt.delay = optionsParseNum(optarg, 0, INT_MAX, &errmsg); + /* NOTE: div 1000 so that converting to milliseconds doesn't overflow */ + opt.delay = optionsParseNum(optarg, 0, INT_MAX/1000, &errmsg); if (errmsg) { errx(EXIT_FAILURE, "option --delay: '%s' is %s", optarg, errmsg);
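Review bot: The new upper bound `INT_MAX/1000` on the `opt.delay` line is tied to the seconds-to-milliseconds multiplication only by the comment, and that multiplication is outside this hunk, so a later change to the conversion factor there would silently bring back the signed overflow (undefined behaviour in C) on a user-supplied value. A shared named constant would keep the two sites in step, for example `enum { MS_PER_SEC = 1000 };` (the name is only a suggestion) with `opt.delay = optionsParseNum(optarg, 0, INT_MAX / MS_PER_SEC, &errmsg);` and the same constant used at the conversion. The comment could also say that the limit is expressed in seconds, so the range rejected by the `--delay` error path is clear to the next reader. optionsParse starts and ends outside the hunk, so whether any other path assigns `opt.delay` without this bound cannot be confirmed from here.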