summaryrefslogblamecommitdiff
path: root/user/rrdtool/signedness.patch
blob: ad3451d9f2eb50d04a83eef008d655d5d00fc718 (plain) (tree)






























                                                                           
From b74a0d64e00770384d025e40becdb2ed83c04c0c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Wolfgang=20St=C3=B6ggl?= <c72578@yahoo.de>
Date: Fri, 1 Apr 2022 19:14:49 +0200
Subject: [PATCH] Fix unsigned integer overflow in rrdtool first

This fixes a signed/unsigned conversion bug in the calculation of
"then". Background info:
pdp_cnt and pdp_step are both unsigned long, whereas timer is signed.
When multiplying signed and unsigned integers (same size), a signed is
implicitly typecast to unsigned.

- A similar fix has already been applied to rrd_dump.c
  in commit e193975
- Resolves #1140
---
 src/rrd_first.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/rrd_first.c b/src/rrd_first.c
index 0e93397c3..a696c5c38 100644
--- a/src/rrd_first.c
+++ b/src/rrd_first.c
@@ -113,7 +113,8 @@ time_t rrd_first_r(
     then = (rrd.live_head->last_up -
             rrd.live_head->last_up %
             (rrd.rra_def[rraindex].pdp_cnt * rrd.stat_head->pdp_step)) +
-        (timer * rrd.rra_def[rraindex].pdp_cnt * rrd.stat_head->pdp_step);
+        (timer * (long) rrd.rra_def[rraindex].pdp_cnt *
+         (long) rrd.stat_head->pdp_step);
   err_close:
     rrd_close(rrd_file);
   err_free: