array: Avoid overflow in size calculation
author Tobias Brunner <tobias@strongswan.org>
Tue, 28 Jan 2020 10:06:59 +0000 (11:06 +0100)
committer Tobias Brunner <tobias@strongswan.org>
Tue, 28 Jan 2020 14:29:40 +0000 (15:29 +0100)

While it's unlikely that so many (large) items are allocated, this is
technically more correct.  The result previously could overflow an
unsigned int (the conversion to size_t happened afterwards).

src/libstrongswan/collections/array.c

index fea28ce..93c35bc 100644 (file)
@@ -68,7 +68,7 @@ static size_t get_size(array_t *array, uint32_t num)
 {
        if (array->esize)
        {
-               return array->esize * num;
+               return (size_t)array->esize * num;
        }
        return sizeof(void*) * num;
 }
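
Review bot: in get_size(), the `(size_t)` cast on `array->esize * num` only prevents the wrap where size_t is wider than unsigned int; on a target with a 32-bit size_t the product can still wrap, and the unchanged `sizeof(void*) * num` branch has the same limit because `num` is a uint32_t. If the returned size is used for an allocation or a move, a wrapped value means an undersized buffer, so consider checking `num` against `SIZE_MAX / array->esize` (and `SIZE_MAX / sizeof(void*)` in the pointer branch) before multiplying, or at least documenting in a comment the bound that callers must keep `num` under.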