espressif/openthread
1
0
Fork 0
mirror of https://github.com/espressif/openthread.git synced 2026-06-05 21:14:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

[tcplp] fix code scanning alerts relating to integer overflow in multiplication (#8578)

Browse Source
This commit is contained in:
Sam Kumar
2022-12-22 17:11:10 -08:00
committed by GitHub
parent db0670e033
commit 9bb00f7e2d
1 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
third_party/tcplp/bsdtcp/tcp_input.c
Vendored
+12 -3
View File
@@ -241,8 +241,12 @@ cc_cong_signal(struct tcpcb *tp, struct tcphdr *th, uint32_t type)
tp->t_dupacks = 0;
tp->t_bytes_acked = 0;
EXIT_RECOVERY(tp->t_flags);
/*
* samkumar: I added the cast to uint64_t below to fix an OpenThread
* code scanning alert relating to integer overflow in multiplication.
*/
tp->snd_ssthresh = max(2, min(tp->snd_wnd, tp->snd_cwnd) / 2 /
tp->t_maxseg) * tp->t_maxseg;
tp->t_maxseg) * ((uint64_t) tp->t_maxseg);
tp->snd_cwnd = tp->t_maxseg;
/*
@@ -2013,9 +2017,14 @@ tcp_do_segment(struct ip6_hdr* ip6, struct tcphdr *th, otMessage* msg,
tp->snd_nxt = th->th_ack;
tp->snd_cwnd = tp->t_maxseg;
(void) tcp_output(tp);
/*
* samkumar: I added casts to uint64_t below to
* fix an OpenThread code scanning alert relating
* to integer overflow in multiplication.
*/
tp->snd_cwnd = tp->snd_ssthresh +
tp->t_maxseg *
(tp->t_dupacks - tp->snd_limited);
((uint64_t) tp->t_maxseg) *
((uint64_t) (tp->t_dupacks - tp->snd_limited));
#ifdef INSTRUMENT_TCP
tcplp_sys_log("TCP SET_cwnd %d", (int) tp->snd_cwnd);
#endif