midx.c: prevent overflow in `fill_included_packs_batch()`

In a similar spirit as in previous commits, avoid an integer overflow
when computing the expected size of a MIDX.

(Note that this is also OK as-is, since `p->pack_size` is an `off_t`, so
this computation should already be done as 64-bit integers. But again,
let's use `st_mult()` to make this fact clear).

Signed-off-by: Taylor Blau <me@ttaylorr.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/midx.c b/midx.c
index 606e3ae79e8d40469a7a306064ee1874ee27b10a..067482a98cc42743c37c4fae2aed77110e13ee5a 100644 (file)
--- a/midx.c
+++ b/midx.c
@@ -1994,8 +1994,8 @@ static int fill_included_packs_batch(struct repository *r,
                if (open_pack_index(p) || !p->num_objects)
                        continue;
 
-               expected_size = (size_t)(p->pack_size
-                                        * pack_info[i].referenced_objects);
+               expected_size = st_mult(p->pack_size,
+                                       pack_info[i].referenced_objects);
                expected_size /= p->num_objects;
 
                if (expected_size >= batch_size)