Fix: conversion from KB to bytes overflow on arm32

[lttng-tools.git] / src / lib / lttng-ctl / lttng-ctl.cpp

diff --git a/src/lib/lttng-ctl/lttng-ctl.cpp b/src/lib/lttng-ctl/lttng-ctl.cpp
index 684cf466984eabc6fdd973a24a581f7cabaf28e9..1743e7546c1071713aff10d9f10c73ad30ee955a 100644 (file)
--- a/src/lib/lttng-ctl/lttng-ctl.cpp
+++ b/src/lib/lttng-ctl/lttng-ctl.cpp
@@ -14,6 +14,7 @@
 #include <grp.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <stdint.h>
 #include <string.h>
 #include <unistd.h>
 
@@ -290,12 +291,14 @@ end:
        return ret;
 }
 
-static int check_enough_available_memory(size_t num_bytes_requested_per_cpu)
+static enum lttng_error_code check_enough_available_memory(
+               uint64_t num_bytes_requested_per_cpu)
 {
        int ret;
+       enum lttng_error_code ret_code;
        long num_cpu;
-       size_t best_mem_info;
-       size_t num_bytes_requested_total;
+       uint64_t best_mem_info;
+       uint64_t num_bytes_requested_total;
 
        /*
         * Get the number of CPU currently online to compute the amount of
@@ -303,10 +306,18 @@ static int check_enough_available_memory(size_t num_bytes_requested_per_cpu)
         */
        num_cpu = sysconf(_SC_NPROCESSORS_ONLN);
        if (num_cpu == -1) {
-               goto error;
+               ret_code = LTTNG_ERR_FATAL;
+               goto end;
+       }
+
+       if (num_bytes_requested_per_cpu > UINT64_MAX / (uint64_t) num_cpu) {
+               /* Overflow */
+               ret_code = LTTNG_ERR_OVERFLOW;
+               goto end;
        }
 
-       num_bytes_requested_total = num_bytes_requested_per_cpu * num_cpu;
+       num_bytes_requested_total =
+                       num_bytes_requested_per_cpu * (uint64_t) num_cpu;
 
        /*
         * Try to get the `MemAvail` field of `/proc/meminfo`. This is the most
@@ -328,10 +339,18 @@ static int check_enough_available_memory(size_t num_bytes_requested_per_cpu)
                goto success;
        }
 
-error:
-       return -1;
+       /* No valid source of information. */
+       ret_code = LTTNG_ERR_NOMEM;
+       goto end;
+
 success:
-       return best_mem_info >= num_bytes_requested_total;
+       if (best_mem_info >= num_bytes_requested_total) {
+               ret_code = LTTNG_OK;
+       } else {
+               ret_code = LTTNG_ERR_NOMEM;
+       }
+end:
+       return ret_code;
 }
 
 /*
@@ -1580,9 +1599,10 @@ void lttng_channel_destroy(struct lttng_channel *channel)
 int lttng_enable_channel(struct lttng_handle *handle,
                struct lttng_channel *in_chan)
 {
+       enum lttng_error_code ret_code;
        int ret;
        struct lttcomm_session_msg lsm;
-       size_t total_buffer_size_needed_per_cpu = 0;
+       uint64_t total_buffer_size_needed_per_cpu = 0;
 
        /* NULL arguments are forbidden. No default values. */
        if (handle == NULL || in_chan == NULL) {
@@ -1622,10 +1642,20 @@ int lttng_enable_channel(struct lttng_handle *handle,
         * Verify that the amount of memory required to create the requested
         * buffer is available on the system at the moment.
         */
+       if (lsm.u.channel.chan.attr.num_subbuf >
+                       UINT64_MAX / lsm.u.channel.chan.attr.subbuf_size) {
+               /* Overflow */
+               ret = -LTTNG_ERR_OVERFLOW;
+               goto end;
+       }
+
        total_buffer_size_needed_per_cpu = lsm.u.channel.chan.attr.num_subbuf *
                lsm.u.channel.chan.attr.subbuf_size;
-       if (!check_enough_available_memory(total_buffer_size_needed_per_cpu)) {
-               return -LTTNG_ERR_NOMEM;
+       ret_code = check_enough_available_memory(
+                       total_buffer_size_needed_per_cpu);
+       if (ret_code != LTTNG_OK) {
+               ret = -ret_code;
+               goto end;
        }
 
        lsm.cmd_type = LTTNG_ENABLE_CHANNEL;