Commit b084cba0 authored by Marcin Spiewak's avatar Marcin Spiewak Committed by Tomasz Zawadzki
Browse files

lib/blob: fixed potential expression overflow 



Fixed issue found by Coverity.

'payload_bytes' and 'zero_bytes' are 64-bit (uint64_t)
integers and are calculated as a product of two 32-bit
integers. To avoid using of 32-bit arithmetic potentially
overflowing the result (truncating to 32-bit), we need
to cast at least one of the integers to 64-bit.

Change-Id: I323a3d1caa39f8358830f3fb06a5cc3fa0ca0555
Signed-off-by: default avatarMarcin Spiewak <marcin.spiewak@intel.com>
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/23024


Tested-by: default avatarSPDK CI Jenkins <sys_sgci@intel.com>
Community-CI: Mellanox Build Bot
Reviewed-by: default avatarTomasz Zawadzki <tomasz.zawadzki@intel.com>
Reviewed-by: default avatarJim Harris <jim.harris@samsung.com>
parent ccad22cf

lib/blob/blob_bs_dev.c

+2 −2
Original line number Diff line number Diff line
@@ -83,9 +83,9 @@ zero_trailing_bytes(struct spdk_blob_bs_dev *b, struct iovec *iov, int iovcnt, 


	/* Figure out how many bytes in the payload will need to be zeroed. */

	zero_lba_count = spdk_min(*lba_count, lba + *lba_count - b->bs_dev.blockcnt);

	zero_bytes = zero_lba_count * b->bs_dev.blocklen;

	zero_bytes = zero_lba_count * (uint64_t)b->bs_dev.blocklen;



	payload_bytes = *lba_count * b->bs_dev.blocklen;

	payload_bytes = *lba_count * (uint64_t)b->bs_dev.blocklen;

	valid_bytes = payload_bytes - zero_bytes;



	i = iov;