diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-09-15 14:30:19 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-09-15 14:30:19 -0400 |
| commit | a01e4a1a957bc6a500930bb1221adf3b916d65f9 (patch) | |
| tree | 0c5e5de0afed7af453abf0fd4c51ff84caa903fd | |
| parent | 9201e4c74b10c28b551e6ac4d4e1830f5386b481 (diff) | |
| download | tor-a01e4a1a957bc6a500930bb1221adf3b916d65f9.tar.gz tor-a01e4a1a957bc6a500930bb1221adf3b916d65f9.zip | |
kist: Cast, then do operations on int32.
Otherwise integer overflows can happen. Remember, doing a i32xi32
multiply doesn't actually produce a 64-bit output. You need to do
i64xi32 or i64xi64.
Coverity found this as CID 1417753
| -rw-r--r-- | src/or/scheduler_kist.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/or/scheduler_kist.c b/src/or/scheduler_kist.c index f119cd696e..8595a340ef 100644 --- a/src/or/scheduler_kist.c +++ b/src/or/scheduler_kist.c @@ -266,7 +266,7 @@ update_socket_info_impl, (socket_table_ent_t *ent)) /* Assuming all these values from the kernel are uint32_t still, they will * always fit into a int64_t tcp_space variable. */ - tcp_space = (ent->cwnd - ent->unacked) * ent->mss; + tcp_space = (ent->cwnd - ent->unacked) * (int64_t)ent->mss; if (tcp_space < 0) { tcp_space = 0; } @@ -277,7 +277,8 @@ update_socket_info_impl, (socket_table_ent_t *ent)) * we end up negative, but then we just set extra_space to 0 in the sanity * check.*/ extra_space = - clamp_double_to_int64((ent->cwnd * ent->mss) * sock_buf_size_factor) - + clamp_double_to_int64( + (ent->cwnd * (int64_t)ent->mss) * sock_buf_size_factor) - ent->notsent; if (extra_space < 0) { extra_space = 0; |