Commit a01e4a1a authored by Nick Mathewson's avatar Nick Mathewson 🎨
Browse files

kist: Cast, then do operations on int32.

Otherwise integer overflows can happen.  Remember, doing a i32xi32
multiply doesn't actually produce a 64-bit output.  You need to do
i64xi32 or i64xi64.

Coverity found this as CID 1417753
parent 9201e4c7
......@@ -266,7 +266,7 @@ update_socket_info_impl, (socket_table_ent_t *ent))
/* Assuming all these values from the kernel are uint32_t still, they will
* always fit into a int64_t tcp_space variable. */
tcp_space = (ent->cwnd - ent->unacked) * ent->mss;
tcp_space = (ent->cwnd - ent->unacked) * (int64_t)ent->mss;
if (tcp_space < 0) {
tcp_space = 0;
}
......@@ -277,7 +277,8 @@ update_socket_info_impl, (socket_table_ent_t *ent))
* we end up negative, but then we just set extra_space to 0 in the sanity
* check.*/
extra_space =
clamp_double_to_int64((ent->cwnd * ent->mss) * sock_buf_size_factor) -
clamp_double_to_int64(
(ent->cwnd * (int64_t)ent->mss) * sock_buf_size_factor) -
ent->notsent;
if (extra_space < 0) {
extra_space = 0;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment