mp2t (CID 1355406): fix a potential integer overflow

cast one of the factors to uint64 to make sure that the calculation uses uint64 and not uint32 which may overflow Change-Id: Iec14f870a694008f5a734294d9154117b6c64b78 Reviewed-on: https://code.wireshark.org/review/15346 Petri-Dish: Jaap Keuter <jaap.keuter@xs4all.nl> Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org> Reviewed-by: Martin Kaiser <wireshark@kaiser.cx>
2016-05-10 23:06:57 +02:00 · 2016-05-10 23:06:57 +02:00 · 2f1e956142
parent a7ba38a72e
commit 2f1e956142
1 changed files with 4 additions and 1 deletions
--- a/wiretap/mp2t.c
+++ b/wiretap/mp2t.c
@ -276,7 +276,10 @@ mp2t_bits_per_second(wtap *wth, guint32 first, guint8 trailer_len,
        return WTAP_OPEN_NOT_MINE;
    }
    pcr_delta = pcr2 - pcr1;
-    bits_passed = MP2T_SIZE * (pn2 - pn1) * 8;
+    /* cast one of the factors to guint64
+       otherwise, the multiplication would use guint32 and could
+       overflow before the result is assigned to the guint64 bits_passed */
+    bits_passed = (guint64)MP2T_SIZE * (pn2 - pn1) * 8;

    *bitrate = ((MP2T_PCR_CLOCK * bits_passed) / pcr_delta);
    if (*bitrate == 0) {