[tor-commits] [tor/master] kist: Cast, then do operations on int32.

[nickm at torproject.org]

commit a01e4a1a957bc6a500930bb1221adf3b916d65f9
Author: Nick Mathewson <nickm at torproject.org>
Date:   Fri Sep 15 14:30:19 2017 -0400

    kist: Cast, then do operations on int32.
    
    Otherwise integer overflows can happen.  Remember, doing a i32xi32
    multiply doesn't actually produce a 64-bit output.  You need to do
    i64xi32 or i64xi64.
    
    Coverity found this as CID 1417753
---
 src/or/scheduler_kist.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/or/scheduler_kist.c b/src/or/scheduler_kist.c
index f119cd696..8595a340e 100644
--- a/src/or/scheduler_kist.c
+++ b/src/or/scheduler_kist.c
@@ -266,7 +266,7 @@ update_socket_info_impl, (socket_table_ent_t *ent))
 
    /* Assuming all these values from the kernel are uint32_t still, they will
    * always fit into a int64_t tcp_space variable. */
-  tcp_space = (ent->cwnd - ent->unacked) * ent->mss;
+  tcp_space = (ent->cwnd - ent->unacked) * (int64_t)ent->mss;
   if (tcp_space < 0) {
     tcp_space = 0;
   }
@@ -277,7 +277,8 @@ update_socket_info_impl, (socket_table_ent_t *ent))
    * we end up negative, but then we just set extra_space to 0 in the sanity
    * check.*/
   extra_space =
-    clamp_double_to_int64((ent->cwnd * ent->mss) * sock_buf_size_factor) -
+    clamp_double_to_int64(
+                 (ent->cwnd * (int64_t)ent->mss) * sock_buf_size_factor) -
     ent->notsent;
   if (extra_space < 0) {
     extra_space = 0;