From ec93758c0ba074a6d290b38f016348f32274f496 Mon Sep 17 00:00:00 2001
From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Date: Tue, 17 May 2016 09:11:39 -0400
Subject: [PATCH] Fix: Integer overflowed argument
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Found by Coverity:

CID 1242317 (#1 of 2): Integer overflowed argument (INTEGER_OVERFLOW)25.
overflow_sink: Overflowed or truncated value (or a value computed from
an overflowed or truncated value) new_nbmem * 304UL used as critical
argument to function.

CID 1242317 (#2 of 2): Integer overflowed argument (INTEGER_OVERFLOW)27.
overflow_sink: Overflowed or truncated value (or a value computed from
an overflowed or truncated value) (new_nbmem - nbmem) * 304UL used as
critical argument to function.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
---
 src/bin/lttng-sessiond/syscall.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/bin/lttng-sessiond/syscall.c b/src/bin/lttng-sessiond/syscall.c
index a994da52b..b5525640a 100644
--- a/src/bin/lttng-sessiond/syscall.c
+++ b/src/bin/lttng-sessiond/syscall.c
@@ -82,7 +82,7 @@ int syscall_init_table(void)
 
 			/* Double memory size. */
 			new_nbmem = max(index, nbmem << 1);
-			if (new_nbmem < nbmem) {
+			if (new_nbmem > (SIZE_MAX / sizeof(*new_list))) {
 				/* Overflow, stop everything, something went really wrong. */
 				ERR("Syscall listing memory size overflow. Stopping");
 				free(syscall_table);
-- 
2.34.1