grafana/0009-Prometheus-Fix-integer-overflow-in-rate-interval-cal.patch
Stan Cox 0c1df2a22a Fix CVE-2022-39229 CVE-2022-2880 CVE-2022-41715
Resolves: rhbz#2131192
Resolves: rhbz#2134475
Resolves: rhbz#2126766
2022-11-01 16:09:46 -04:00

21 lines
900 B
Diff

From 09be2f6709e7d05a2f75756c5f58b0602b54af72 Mon Sep 17 00:00:00 2001
From: Andreas Gerstmayr <agerstmayr@redhat.com>
Date: Tue, 5 Jul 2022 17:04:13 +0200
Subject: [PATCH] Prometheus: Fix integer overflow in rate interval calculation
on 32-bit architectures 2
diff --git a/pkg/tsdb/prometheus/models/query.go b/pkg/tsdb/prometheus/models/query.go
index bdd48d08ed..aa2b1f9945 100644
--- a/pkg/tsdb/prometheus/models/query.go
+++ b/pkg/tsdb/prometheus/models/query.go
@@ -181,7 +181,7 @@ func calculateRateInterval(interval time.Duration, scrapeInterval string, interv
return time.Duration(0)
}
- rateInterval := time.Duration(int(math.Max(float64(interval+scrapeIntervalDuration), float64(4)*float64(scrapeIntervalDuration))))
+ rateInterval := time.Duration(int64(math.Max(float64(interval+scrapeIntervalDuration), float64(4)*float64(scrapeIntervalDuration))))
return rateInterval
}