Issue 717: Fix integer overflow when computing location of volume descriptor

The multiplication here defaulted to 'int' but calculations
of file positions should always use int64_t.  A simple cast
suffices to fix this since the base location is always 32 bits
for ISO, so multiplying by the sector size will never overflow
a 64-bit integer.

diff --git a/libarchive/archive_read_support_format_iso9660.c b/libarchive/archive_read_support_format_iso9660.c
index 6934ceefe9db20b808aaf0d817b1bd904f511284..f41ba386562365a536c15fb980dbde08c7a5a131 100644 (file)
--- a/libarchive/archive_read_support_format_iso9660.c
+++ b/libarchive/archive_read_support_format_iso9660.c
@@ -1091,7 +1091,7 @@ choose_volume(struct archive_read *a, struct iso9660 *iso9660)
                /* This condition is unlikely; by way of caution. */
                vd = &(iso9660->joliet);
 
-       skipsize = LOGICAL_BLOCK_SIZE * vd->location;
+       skipsize = LOGICAL_BLOCK_SIZE * (int64_t)vd->location;
        skipsize = __archive_read_consume(a, skipsize);
        if (skipsize < 0)
                return ((int)skipsize);
@@ -1129,7 +1129,7 @@ choose_volume(struct archive_read *a, struct iso9660 *iso9660)
            && iso9660->seenJoliet) {
                /* Switch reading data from primary to joliet. */
                vd = &(iso9660->joliet);
-               skipsize = LOGICAL_BLOCK_SIZE * vd->location;
+               skipsize = LOGICAL_BLOCK_SIZE * (int64_t)vd->location;
                skipsize -= iso9660->current_position;
                skipsize = __archive_read_consume(a, skipsize);
                if (skipsize < 0)