You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
sysstat/SOURCES/CVE-2023-33204.patch

39 lines
1.3 KiB

commit 6f8dc568e6ab072bb8205b732f04e685bf9237c0
Merge: c43167cc 954ff2e2
Author: Sebastien GODARD <sysstat@users.noreply.github.com>
Date: Wed May 17 21:10:31 2023 +0200
Merge branch 'pkopylov-master'
Signed-off-by: Sebastien GODARD <sysstat@users.noreply.github.com>
diff --git a/common.c b/common.c
index 48493b5f..0efe7ee3 100644
--- a/common.c
+++ b/common.c
@@ -431,15 +431,17 @@ int check_dir(char *dirname)
void check_overflow(unsigned int val1, unsigned int val2,
unsigned int val3)
{
- if ((unsigned long long) val1 * (unsigned long long) val2 *
- (unsigned long long) val3 > UINT_MAX) {
+ if ((val1 != 0) && (val2 != 0) && (val3 != 0) &&
+ (((unsigned long long) UINT_MAX / (unsigned long long) val1 <
+ (unsigned long long) val2) ||
+ ((unsigned long long) UINT_MAX / ((unsigned long long) val1 * (unsigned long long) val2) <
+ (unsigned long long) val3))) {
#ifdef DEBUG
- fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n",
- __FUNCTION__, (unsigned long long) val1 * (unsigned long long) val2 *
- (unsigned long long) val3);
+ fprintf(stderr, "%s: Overflow detected (%u,%u,%u). Aborting...\n",
+ __FUNCTION__, val1, val2, val3);
#endif
- exit(4);
- }
+ exit(4);
+ }
}
#ifndef SOURCE_SADC