lightsail-network · overcat · Jan 30, 2026 · Jan 30, 2026
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,7 @@
 ### Update
 - fix: add stricter validation for Ed25519 Signed Payload.
 - fix: replace assert statements with explicit null checks in `Federation` class to ensure validation is not bypassed when assertions are disabled.
+- fix: add overflow check in `TimeBounds.expiresAfter()` to prevent integer overflow when timeout is too large.
 
 ## 2.2.1
 

diff --git a/src/main/java/org/stellar/sdk/TimeBounds.java b/src/main/java/org/stellar/sdk/TimeBounds.java
@@ -63,9 +63,16 @@ public TimeBounds(long minTime, long maxTime) {
    *
    * @param timeout Timeout in seconds.
    * @return TimeBounds
+   * @throws IllegalArgumentException if timeout is negative or would cause overflow
    */
   public static TimeBounds expiresAfter(long timeout) {
+    if (timeout < 0) {
+      throw new IllegalArgumentException("timeout cannot be negative");
+    }
     long now = System.currentTimeMillis() / 1000L;
+    if (timeout > Long.MAX_VALUE - now) {
+      throw new IllegalArgumentException("timeout is too large, would cause overflow");
+    }
     long endTime = now + timeout;
     return new TimeBounds(0, endTime);
   }

diff --git a/src/test/kotlin/org/stellar/sdk/TimeBoundsTest.kt b/src/test/kotlin/org/stellar/sdk/TimeBoundsTest.kt
@@ -60,6 +60,28 @@ class TimeBoundsTest :
       actualMaxTime shouldBeInRange (now + timeout - 1)..(now + timeout + 1)
     }
 
+    test("expiresAfter should throw IllegalArgumentException for negative timeout") {
+      val exception = shouldThrow<IllegalArgumentException> { TimeBounds.expiresAfter(-1) }
+      exception.message shouldBe "timeout cannot be negative"
+    }
+
+    test("expiresAfter should throw IllegalArgumentException for overflow") {
+      val exception =
+        shouldThrow<IllegalArgumentException> { TimeBounds.expiresAfter(Long.MAX_VALUE) }
+      exception.message shouldBe "timeout is too large, would cause overflow"
+    }
+
+    test("expiresAfter should handle large valid timeout") {
+      // 100 years in seconds
+      val hundredYearsInSeconds = 100L * 365 * 24 * 60 * 60
+      val timeBounds = TimeBounds.expiresAfter(hundredYearsInSeconds)
+      val now = System.currentTimeMillis() / 1000L
+
+      timeBounds.minTime.toLong() shouldBe 0
+      timeBounds.maxTime.toLong() shouldBeInRange
+        (now + hundredYearsInSeconds - 1)..(now + hundredYearsInSeconds + 1)
+    }
+
     test("should handle large time values") {
       val largeTime = Long.MAX_VALUE - 1
       val timeBounds = TimeBounds(0, largeTime)