Overview

File sysstat-CVE-2019-16167.patch of Package sysstat.19913

Index: sysstat-12.0.6/sa_common.c
===================================================================
--- sysstat-12.0.6.orig/sa_common.c
+++ sysstat-12.0.6/sa_common.c
@@ -1298,6 +1298,10 @@ void remap_struct(unsigned int gtypes_nr
 	/* Remap [unsigned] long fields */
 	d = gtypes_nr[0] - ftypes_nr[0];
 	if (d) {
+		if (ftypes_nr[0] * ULL_ALIGNMENT_WIDTH < ftypes_nr[0])
+			/* Overflow */
+			return;
+
 		n = MINIMUM(f_size - ftypes_nr[0] * ULL_ALIGNMENT_WIDTH,
 			    g_size - gtypes_nr[0] * ULL_ALIGNMENT_WIDTH);
 		if ((ftypes_nr[0] * ULL_ALIGNMENT_WIDTH >= b_size) ||
@@ -1314,6 +1318,11 @@ void remap_struct(unsigned int gtypes_nr
 	/* Remap [unsigned] int fields */
 	d = gtypes_nr[1] - ftypes_nr[1];
 	if (d) {
+		if (gtypes_nr[0] * ULL_ALIGNMENT_WIDTH +
+		    ftypes_nr[1] * UL_ALIGNMENT_WIDTH < ftypes_nr[1])
+			/* Overflow */
+			return;
+
 		n = MINIMUM(f_size - ftypes_nr[0] * ULL_ALIGNMENT_WIDTH
 				   - ftypes_nr[1] * UL_ALIGNMENT_WIDTH,
 			    g_size - gtypes_nr[0] * ULL_ALIGNMENT_WIDTH
@@ -1338,6 +1347,12 @@ void remap_struct(unsigned int gtypes_nr
 	/* Remap possible fields (like strings of chars) following int fields */
 	d = gtypes_nr[2] - ftypes_nr[2];
 	if (d) {
+		if (gtypes_nr[0] * ULL_ALIGNMENT_WIDTH +
+		    gtypes_nr[1] * UL_ALIGNMENT_WIDTH +
+		    ftypes_nr[2] * U_ALIGNMENT_WIDTH < ftypes_nr[2])
+			/* Overflow */
+			return;
+
 		n = MINIMUM(f_size - ftypes_nr[0] * ULL_ALIGNMENT_WIDTH
 				   - ftypes_nr[1] * UL_ALIGNMENT_WIDTH
 				   - ftypes_nr[2] * U_ALIGNMENT_WIDTH,
openSUSE Build Service is sponsored by
Places