From 71eeb6ace80be7389d942b9647765417e5b039f7 Mon Sep 17 00:00:00 2001

From: Colin Ian King <colin.king@canonical.com>

Date: Mon, 16 Aug 2021 17:30:25 +0100

Subject: [Backport 71eeb6ace80b] src: Fix integer overflow in

 multiplication

The multiplication of the u32 data_size with a int is being performed

using 32 bit arithmetic however the results is being assigned to the

variable nbits that is a size_t (64 bit) value. Fix a potential

integer overflow by casting the u32 value to a size_t before the

multiply to use a size_t sized bit multiply operation.

Addresses-Coverity: ("Unintentional integer overflow")

Fixes: 82cae269cfa9 ("src: Add initialization of super block")

Signed-off-by: Colin Ian King <colin.king@canonical.com>

Signed-off-by: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>

---

 src/index.c | 2 +-

 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/index.c b/src/index.c

index 6aa9540ece4728b5a02108924db76b4ee920a353..9386c551e208204870363685b27826ccb60e1171 100644

--- a/src/index.c

+++ b/src/index.c

@@ -2012,7 +2012,7 @@ static int indx_shrink(struct ntfs_index *indx, struct ntfs_inode *ni,

 		unsigned long pos;

 		const unsigned long *bm = resident_data(b);

-		nbits = le32_to_cpu(b->res.data_size) * 8;

+		nbits = (size_t)le32_to_cpu(b->res.data_size) * 8;

 		if (bit >= nbits)

 			return 0;

-- 

2.31.1