From ffa2632dcd2ea26823f4bf81e548b1a2a288051f Mon Sep 17 00:00:00 2001
From: Collin Funk <collin.funk1@gmail.com>
Date: Sun, 26 Oct 2025 12:20:01 -0700
Subject: [PATCH] maint: prefer ckd_add for overflow checks

* src/cksum.c (cksum_slice8, crc32b_sum_stream): Use ckd_add to check
for overflow.
* src/cksum_avx2.c (cksum_avx2): Likewise.
* src/cksum_avx512.c (cksum_avx512): Likewise.
* src/cksum_pclmul.c (cksum_pclmul): Likewise.
* src/cksum_vmull.c (cksum_vmull): Likewise.
---
 src/cksum.c        | 6 ++----
 src/cksum_avx2.c   | 3 +--
 src/cksum_avx512.c | 3 +--
 src/cksum_pclmul.c | 3 +--
 src/cksum_vmull.c  | 3 +--
 5 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/src/cksum.c b/src/cksum.c
index fba33f688d..a74af07a08 100644
--- a/src/cksum.c
+++ b/src/cksum.c
@@ -239,12 +239,11 @@ cksum_slice8 (FILE *fp, uint_fast32_t *crc_out, uintmax_t *length_out)
     {
       uint32_t *datap;
 
-      if (length + bytes_read < length)
+      if (ckd_add (&length, length, bytes_read))
         {
           errno = EOVERFLOW;
           return false;
         }
-      length += bytes_read;
 
       /* Process multiples of 8 bytes */
       datap = (uint32_t *)buf;
@@ -335,12 +334,11 @@ crc32b_sum_stream (FILE *stream, void *resstream, uintmax_t *reslen)
 
   while ((bytes_read = fread (buf, 1, BUFLEN, stream)) > 0)
     {
-      if (len + bytes_read < len)
+      if (ckd_add (&len, len, bytes_read))
         {
           errno = EOVERFLOW;
           return -1;
         }
-      len += bytes_read;
 
       crc = crc32_update (crc, (char const *)buf, bytes_read);
 
diff --git a/src/cksum_avx2.c b/src/cksum_avx2.c
index b50a5de1a9..23ecc66e52 100644
--- a/src/cksum_avx2.c
+++ b/src/cksum_avx2.c
@@ -68,12 +68,11 @@ cksum_avx2 (FILE *fp, uint_fast32_t *crc_out, uintmax_t *length_out)
 
       __m256i *datap;
 
-      if (length + bytes_read < length)
+      if (ckd_add (&length, length, bytes_read))
         {
           errno = EOVERFLOW;
           return false;
         }
-      length += bytes_read;
 
       datap = (__m256i *)buf;
 
diff --git a/src/cksum_avx512.c b/src/cksum_avx512.c
index e62c3e3ac1..df6abf5695 100644
--- a/src/cksum_avx512.c
+++ b/src/cksum_avx512.c
@@ -75,12 +75,11 @@ cksum_avx512 (FILE *fp, uint_fast32_t *crc_out, uintmax_t *length_out)
 
       __m512i *datap;
 
-      if (length + bytes_read < length)
+      if (ckd_add (&length, length, bytes_read))
         {
           errno = EOVERFLOW;
           return false;
         }
-      length += bytes_read;
 
       datap = (__m512i *)buf;
 
diff --git a/src/cksum_pclmul.c b/src/cksum_pclmul.c
index c47bb9f849..240d475fcc 100644
--- a/src/cksum_pclmul.c
+++ b/src/cksum_pclmul.c
@@ -66,12 +66,11 @@ cksum_pclmul (FILE *fp, uint_fast32_t *crc_out, uintmax_t *length_out)
       __m128i fold_data;
       __m128i xor_crc;
 
-      if (length + bytes_read < length)
+      if (ckd_add (&length, length, bytes_read))
         {
           errno = EOVERFLOW;
           return false;
         }
-      length += bytes_read;
 
       datap = (__m128i *)buf;
 
diff --git a/src/cksum_vmull.c b/src/cksum_vmull.c
index fb3b6dcdd4..fddfaa47b9 100644
--- a/src/cksum_vmull.c
+++ b/src/cksum_vmull.c
@@ -72,12 +72,11 @@ cksum_vmull (FILE *fp, uint_fast32_t *crc_out, uintmax_t *length_out)
       uint64x2_t fold_data;
       uint64x2_t xor_crc;
 
-      if (length + bytes_read < length)
+      if (ckd_add (&length, length, bytes_read))
         {
           errno = EOVERFLOW;
           return false;
         }
-      length += bytes_read;
 
       datap = (uint64x2_t *) buf;
 
-- 
2.47.3