From: Willy Tarreau <w@1wt.eu>
Date: Tue, 24 May 2022 05:43:57 +0000 (+0200)
Subject: CLEANUP: init: address a coverity warning about possible multiply overflow
X-Git-Tag: v2.6-dev12~143
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2cb3be76b;p=thirdparty%2Fhaproxy.git

CLEANUP: init: address a coverity warning about possible multiply overflow

In issue #1585 Coverity suspects a risk of multiply overflow when
calculating the SSL cache size, though in practice the cache is
limited to 2^32 anyway thus it cannot really happen. Nevertheless,
casting the operation should be sufficient to avoid marking it as a
false positive.
---

diff --git a/src/haproxy.c b/src/haproxy.c
index 1d6612619e..130bc9b354 100644
--- a/src/haproxy.c
+++ b/src/haproxy.c
@@ -2302,7 +2302,7 @@ static void init(int argc, char **argv)
 		int64_t mem = global.rlimit_memmax * 1048576ULL;
 		int retried = 0;
 
-		mem -= global.tune.sslcachesize * 200; // about 200 bytes per SSL cache entry
+		mem -= global.tune.sslcachesize * 200ULL; // about 200 bytes per SSL cache entry
 		mem -= global.maxzlibmem;
 		mem = mem * MEM_USABLE_RATIO;