From cdcf731d71d586249b5ef09cec98e58a7f35fe73 Mon Sep 17 00:00:00 2001
From: Chris Gianelloni <wolf31o2@blinklabs.io>
Date: Sun, 23 Feb 2025 09:58:56 -0500
Subject: [PATCH] fix: guard ttl loading against int overflow

Signed-off-by: Chris Gianelloni <wolf31o2@blinklabs.io>
---
 internal/indexer/indexer.go | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/internal/indexer/indexer.go b/internal/indexer/indexer.go
index f795e2a..b39110f 100644
--- a/internal/indexer/indexer.go
+++ b/internal/indexer/indexer.go
@@ -1,4 +1,4 @@
-// Copyright 2024 Blink Labs Software
+// Copyright 2025 Blink Labs Software
 //
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file or at
@@ -10,6 +10,7 @@ import (
 	"encoding/hex"
 	"fmt"
 	"log/slog"
+	"math"
 	"os"
 	"strings"
 	"time"
@@ -369,7 +370,10 @@ func (i *Indexer) handleEventOutputDns(
 				Rhs:  string(record.Rhs),
 			}
 			if record.Ttl.HasValue() {
-				tmpRecord.Ttl = int(record.Ttl.Value)
+				if record.Ttl.Value > math.MaxInt {
+					return fmt.Errorf("record ttl value out of bounds")
+				}
+				tmpRecord.Ttl = int(record.Ttl.Value) // #nosec G115
 			}
 			tmpRecords = append(tmpRecords, tmpRecord)
 		}