[PATCH] cpukit/score: Avoid overflow in multiplication
Sebastian Huber
sebastian.huber at embedded-brains.de
Wed Jan 17 06:44:55 UTC 2024
On 16.01.24 21:02, Kinsey Moore wrote:
> The two operands are 16 bit and the result is being saved into a
> larger type. Reduce the possibility of an overflow during multiplication
> by using the larger type as an operand.
> ---
> cpukit/score/src/objectextendinformation.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/cpukit/score/src/objectextendinformation.c b/cpukit/score/src/objectextendinformation.c
> index 414766f219..f9c51c3bec 100644
> --- a/cpukit/score/src/objectextendinformation.c
> +++ b/cpukit/score/src/objectextendinformation.c
> @@ -115,7 +115,8 @@ Objects_Maximum _Objects_Extend_information(
> * Allocate the name table, and the objects and if it fails either return or
> * generate a fatal error depending on auto-extending being active.
> */
> - object_block_size = extend_count * information->object_size;
> + object_block_size = extend_count;
> + object_block_size *= information->object_size;
> new_object_block = _Workspace_Allocate( object_block_size );
> if ( new_object_block == NULL ) {
> return 0;
I am not sure if a reviewer understands that this two line approach is
there to avoid integer overflows. I would simply keep the expression as
is and change extend_count to:
uint32_t extend_count;
--
embedded brains GmbH & Co. KG
Herr Sebastian HUBER
Dornierstr. 4
82178 Puchheim
Germany
email: sebastian.huber at embedded-brains.de
phone: +49-89-18 94 741 - 16
fax: +49-89-18 94 741 - 08
Registergericht: Amtsgericht München
Registernummer: HRB 157899
Vertretungsberechtigte Geschäftsführer: Peter Rasmussen, Thomas Dörfler
Unsere Datenschutzerklärung finden Sie hier:
https://embedded-brains.de/datenschutzerklaerung/
More information about the devel
mailing list