From: Andre Noll <maan@tuebingen.mpg.de>
Date: Tue, 20 May 2025 18:56:36 +0000 (+0200)
Subject: flac_afh: Check for possible integer overflows.
X-Git-Url: https://git.tuebingen.mpg.de/?a=commitdiff_plain;h=64d0e6a1b83e9ff385cb635d887084f225057f02;p=paraslash.git

flac_afh: Check for possible integer overflows.

This is a callback function which should carefully check its inputs.
---

diff --git a/flac_afh.c b/flac_afh.c
index 1d0b3bf4..ab716705 100644
--- a/flac_afh.c
+++ b/flac_afh.c
@@ -433,10 +433,10 @@ static size_t temp_write_cb(const void *ptr, size_t size, size_t nmemb,
 	FLAC__IOHandle handle)
 {
 	int ret, fd = *(int *)handle;
-	size_t n = size * nmemb; /* FIXME: possible overflow */
+	size_t n;
 
+	assert(!__builtin_mul_overflow(nmemb, size, &n));
 	ret = write_all(fd, ptr, n);
-
 	/*
 	 * libflac expects POSIX semantics: If an error occurs, or the end of
 	 * the file is reached, the return value is a short item count or zero.