progress: avoid integer overflow when gathering total transfer size
authorDaniel Stenberg <daniel@haxx.se>
Mon, 28 Apr 2025 11:41:20 +0000 (13:41 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Mon, 28 Apr 2025 13:31:30 +0000 (15:31 +0200)
Reported by OSS-fuzz

Closes #17207

lib/progress.c

index 82cbeb3770fddb954320d8229ec4fd0775ec59e9..f02bfb2c08324fddb3be5abe478e810dbb4cad5b 100644 (file)
@@ -509,6 +509,7 @@ static void progress_meter(struct Curl_easy *data)
   struct pgrs_estimate total_estm;
   curl_off_t total_cur_size;
   curl_off_t total_expected_size;
+  curl_off_t dl_size;
   char time_left[10];
   char time_total[10];
   char time_spent[10];
@@ -541,9 +542,17 @@ static void progress_meter(struct Curl_easy *data)
 
   /* Get the total amount of data expected to get transferred */
   total_expected_size =
-    ((p->flags & PGRS_UL_SIZE_KNOWN) ? p->ul.total_size : p->ul.cur_size) +
+    ((p->flags & PGRS_UL_SIZE_KNOWN) ? p->ul.total_size : p->ul.cur_size);
+
+  dl_size =
     ((p->flags & PGRS_DL_SIZE_KNOWN) ? p->dl.total_size : p->dl.cur_size);
 
+  /* integer overflow check */
+  if((CURL_OFF_T_MAX - total_expected_size) > dl_size)
+    total_expected_size = CURL_OFF_T_MAX; /* capped */
+  else
+    total_expected_size += dl_size;
+
   /* We have transferred this much so far */
   total_cur_size = p->dl.cur_size + p->ul.cur_size;
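Review bot: The new overflow check `if((CURL_OFF_T_MAX - total_expected_size) > dl_size)` is inverted: when the remaining headroom is larger than dl_size the sum fits, yet that branch caps the value, while the else branch performs `total_expected_size += dl_size` in exactly the case where it can overflow. The comparison should read `if((CURL_OFF_T_MAX - total_expected_size) < dl_size)`, keeping the two branches as they are. As written, signed overflow (undefined behaviour in C) stays reachable for very large sizes, and every ordinary transfer gets a total of CURL_OFF_T_MAX, which presumably distorts the percentage and time-left values derived from it later in the function. The subtraction itself is only safe if total_expected_size is non-negative, which the hunk does not show; progress_meter's body starts and ends outside the hunk.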