For machines where sizeof(size_t) == sizeof(int) there is a possible overflow
which could cause a crash.
For machines where sizeof(size_t) > sizeof(int), the existing checks adequately
detect the situation.
Fixes #16899
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16904)
case OPT_MULTI:
#ifndef NO_FORK
multi = atoi(opt_arg());
+ if ((size_t)multi >= SIZE_MAX / sizeof(int)) {
+ BIO_printf(bio_err, "%s: multi argument too large\n", prog);
+ return 0;
+ }
#endif
break;
case OPT_ASYNCJOBS: