From: Theodore Ts'o <tytso@mit.edu>
Date: Wed, 26 Feb 2025 04:08:55 +0000 (-0500)
Subject: lsattr: fix potential 32-bit integer overflow warning
X-Git-Tag: v1.47.3-rc1~118
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a0ae27b8bfd2cbf239aa1af39869f63e47f9350b;p=thirdparty%2Fe2fsprogs.git

lsattr: fix potential 32-bit integer overflow warning

This can't happen in practice due to MAXPATHNAMELEN constraints, but
gcc is too dumb to know that.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---

diff --git a/misc/lsattr.c b/misc/lsattr.c
index 72f4c681..a5b11fc5 100644
--- a/misc/lsattr.c
+++ b/misc/lsattr.c
@@ -141,9 +141,13 @@ static int lsattr_dir_proc (const char * dir_name, struct dirent * de,
 {
 	STRUCT_STAT	st;
 	char *path;
-	int dir_len = strlen(dir_name);
+	size_t dir_len = strlen(dir_name), name_len = strlen (de->d_name);
 
-	path = malloc(dir_len + strlen (de->d_name) + 2);
+	if ((dir_len > 1024 * 1024 * 1024) ||
+	    (name_len > 1024 * 1024 * 1024))
+		return -1;
+
+	path = malloc(dir_len + name_len + 2);
 	if (!path) {
 		fputs(_("Couldn't allocate path variable in lsattr_dir_proc\n"),
 			stderr);