From 14940b8a7f261cb137b6903571616b593ca0da89 Mon Sep 17 00:00:00 2001
From: Rob Swindell <rob@synchro.net>
Date: Mon, 25 Apr 2022 14:20:54 -0700
Subject: [PATCH] Fix possible underflow conditions in gettimeleft()

If a non-'T' exempt user had already used more time today than their security level allows, their timeleft would be computed as a negative value due to integer underflow. Since the return value of this function is assigned to a ulong (timeleft), this becomes a large positive number. Cap the floor of the computed time left at 0.

Also fix the potential for underflow that could occur if the system clock changes while a user is online and 'now' becomes greater than 'starttime'.
---
 src/sbbs3/userdat.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/sbbs3/userdat.c b/src/sbbs3/userdat.c
index 79bcd23ce1..88d62e8cfb 100644
--- a/src/sbbs3/userdat.c
+++ b/src/sbbs3/userdat.c
@@ -3339,7 +3339,10 @@ time_t gettimeleft(scfg_t* cfg, user_t* user, time_t starttime)
 		if(tleft>cfg->level_timepercall[user->level]*60)
 			tleft=cfg->level_timepercall[user->level]*60;
 		tleft+=user->min*60L;
-		tleft-=(long)(now-starttime);
+		long tused = (long)MAX(now - starttime, 0);
+		tleft -= tused;
+		if(tleft < 0)
+			tleft = 0;
 		if(tleft>0x7fffL)
 			timeleft=0x7fff;
 		else
-- 
GitLab