From 6d0b77d08759b68b6114d25928e6248ed49594bb Mon Sep 17 00:00:00 2001
From: Bill Fenner
Date: Wed, 12 Oct 2022 12:42:40 -0700
Subject: [PATCH] Address integer overflows
---
 checksum.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/checksum.c b/checksum.c
index 172136514..69f5c2032 100644
--- a/checksum.c
+++ b/checksum.c
@@ -141,9 +141,9 @@ create_osi_cksum (const uint8_t *pptr, int checksum_offset, int length)
 int x;
 int y;
- uint32_t mul;
+ int32_t mul;
 uint32_t c0;
- uint32_t c1;
+ uint64_t c1;
 uint16_t checksum;
 int idx;
@@ -169,8 +169,14 @@ create_osi_cksum (const uint8_t *pptr, int checksum_offset, int length)
 mul = (length - checksum_offset)*(c0);
- x = mul - c0 - c1;
- y = c1 - mul;
+ /*
+ * Casting c0 and c1 here is guaranteed to be safe, because we know
+ * they have values between 0 and 254 inclusive. These casts are
+ * done to ensure that all of the arithmetic operations are
+ * well-defined (i.e., not mixing signed and unsigned integers).
+ */
+ x = mul - (int)c0 - (int)c1;
+ y = (int)c1 - mul;
 x %= 255;
 y %= 255;
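Review bot: The declarations in the first hunk now carry three different widths (`int32_t mul`, `uint32_t c0`, `uint64_t c1`) with no comment recording why, which invites a later tidy-up that narrows `c1` again and brings the overflow back. The accumulation loop is outside the hunk, so this is inferred, but `c1` looks to be widened because it accumulates `c0` on every input byte and therefore grows much faster than `c0` does. A one-line comment on the declaration would pin that down, for example `uint64_t c1; /* accumulates c0 per byte; must not wrap before it is reduced */`. Since `c0` stays 32-bit, it would also help to state the largest `length` for which that width is sufficient.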
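Review bot: The unchanged context line `mul = (length - checksum_offset)*(c0);` in the second hunk still multiplies a signed `int` by the `uint32_t` `c0`, so the arithmetic the new comment describes as free of signed/unsigned mixing is preceded by exactly such a mix. Where `int` is 32 bits the product is computed as unsigned and then converted to the new `int32_t mul`; if `length - checksum_offset` is negative or the product exceeds INT32_MAX, the stored value is implementation-defined and feeds straight into `x` and `y`. A signed 64-bit intermediate reduced before narrowing avoids this without changing the result modulo 255: `mul = (int32_t)((((int64_t)length - checksum_offset) * (int64_t)c0) % 255);`. Rejecting a `checksum_offset` outside `0..length` on entry would close the negative case as well. The function body starts and ends outside this hunk, so the 0 to 254 range of `c0` is taken from the added comment rather than from visible code.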