-
Type: Bug
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: None
-
None
An integer overflow occurs, with the result converted to a wider integer type
Defect 105074 (STATIC_C)
Checker OVERFLOW_BEFORE_WIDEN (subcategory none)
File: /src/libmongoc/src/mongoc/mongoc-gridfs-bucket-file.c
Function _mongoc_gridfs_bucket_file_save
/src/libmongoc/src/mongoc/mongoc-gridfs-bucket-file.c, line: 549
Potentially overflowing expression "file->curr_chunk * file->chunk_size" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "int64_t" (64 bits, signed).
length = file->curr_chunk * file->chunk_size;