From: Sebastien GODARD <sysstat@users.noreply.github.com>
Date: Sun, 23 Sep 2018 07:57:28 +0000 (+0200)
Subject: Make sure multiplication result won't overflow integer type
X-Git-Tag: v12.1.1~4
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3a1b717b0e18ea18f0981079bbfcea5b797778ab;p=sysstat

Make sure multiplication result won't overflow integer type

Make sure that multiplication result won't overflow int type before it
is converted to size_t (which is unsigned int or unsigned long according
to GNU C library documentation)

Signed-off-by: Sebastien GODARD <sysstat@users.noreply.github.com>
---

diff --git a/sa_conv.c b/sa_conv.c
index a9eb91f..f257991 100644
--- a/sa_conv.c
+++ b/sa_conv.c
@@ -686,14 +686,14 @@ void upgrade_stats_queue(struct activity *act[], int p, unsigned int magic,
  * disk.
  ***************************************************************************
  */
-int upgrade_stats_serial(struct activity *act[], int p, int st_size, int endian_mismatch)
+int upgrade_stats_serial(struct activity *act[], int p, size_t st_size, int endian_mismatch)
 {
 	int i;
 	unsigned int line;
 	struct stats_serial *ssc;
 
 	/* Copy TTY stats to target structure */
-	memcpy(act[p]->buf[1], act[p]->buf[0], act[p]->nr_ini * st_size);
+	memcpy(act[p]->buf[1], act[p]->buf[0], (size_t) act[p]->nr_ini * st_size);
 
 	for (i = 0; i < act[p]->nr_ini; i++) {
 		ssc = (struct stats_serial *) ((char *) act[p]->buf[1] + i * act[p]->fsize);