[OpenWrt-Devel] [PATCH procd] system: Fix possible integer overflows
Hauke Mehrtens
hauke at hauke-m.de
Thu Sep 19 16:48:50 EDT 2019
This multiplication was done on 32 bit integers before, explicitly cast
them to 64 bit values before to make sure the multiplication is done on
64 bit numbers.
Coverity: #1412417, #1412410, #1412409, #1412411, #1412424, #1412407
Signed-off-by: Hauke Mehrtens <hauke at hauke-m.de>
---
system.c | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/system.c b/system.c
index 4068e64..751a016 100644
--- a/system.c
+++ b/system.c
@@ -254,15 +254,21 @@ static int system_info(struct ubus_context *ctx, struct ubus_object *obj,
blobmsg_close_array(&b, c);
c = blobmsg_open_table(&b, "memory");
- blobmsg_add_u64(&b, "total", info.mem_unit * info.totalram);
- blobmsg_add_u64(&b, "free", info.mem_unit * info.freeram);
- blobmsg_add_u64(&b, "shared", info.mem_unit * info.sharedram);
- blobmsg_add_u64(&b, "buffered", info.mem_unit * info.bufferram);
+ blobmsg_add_u64(&b, "total",
+ (uint64_t)info.mem_unit * (uint64_t)info.totalram);
+ blobmsg_add_u64(&b, "free",
+ (uint64_t)info.mem_unit * (uint64_t)info.freeram);
+ blobmsg_add_u64(&b, "shared",
+ (uint64_t)info.mem_unit * (uint64_t)info.sharedram);
+ blobmsg_add_u64(&b, "buffered",
+ (uint64_t)info.mem_unit * (uint64_t)info.bufferram);
blobmsg_close_table(&b, c);
c = blobmsg_open_table(&b, "swap");
- blobmsg_add_u64(&b, "total", info.mem_unit * info.totalswap);
- blobmsg_add_u64(&b, "free", info.mem_unit * info.freeswap);
+ blobmsg_add_u64(&b, "total",
+ (uint64_t)info.mem_unit * (uint64_t)info.totalswap);
+ blobmsg_add_u64(&b, "free",
+ (uint64_t)info.mem_unit * (uint64_t)info.freeswap);
blobmsg_close_table(&b, c);
#endif
--
2.20.1
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list