[PATCH mtd-utils] jffsX-utils: fix integer overflow in jffs2dump.c

[Anton Moryakov]

Report of the static analyzer:
The value of an arithmetic expression 'datsize + oobsize' is a subject to overflow because its operands are not cast to a larger data type before performing arithmetic

Corrections explained:
Fixed potential overflow in arithmetic operation datsize + oobsize
by casting operands to unsigned long long to ensure safe computation.
And also added a check i think you can just add
if (datsize < 0 || oobsize < 0) excluding negative values ​​for datsize and oobsize

---
 jffsX-utils/jffs2dump.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/jffsX-utils/jffs2dump.c b/jffsX-utils/jffs2dump.c
index 30455ea..bee8c59 100644
--- a/jffsX-utils/jffs2dump.c
+++ b/jffsX-utils/jffs2dump.c
@@ -772,6 +772,11 @@ int main(int argc, char **argv)
 		exit(EXIT_FAILURE);
 	}
 
+	if (datsize < 0 || oobsize < 0) {
+		fprintf(stderr, "Error: datsize and oobsize must be non-negative.\n");
+		return -1;
+	}
+
 	if (datsize && oobsize) {
 		int  idx = 0;
 		long len = imglen;
@@ -783,7 +788,7 @@ int main(int argc, char **argv)
 			read_nocheck (fd, oob, oobsize);
 			idx += datsize;
 			imglen -= oobsize;
-			len -= datsize + oobsize;
+			len -= (unsigned long long)datsize + (unsigned long long)oobsize;
 		}
 
 	} else {
-- 
2.30.2