Found by Coverity:
2. overflow: Subtract operation overflows on operands bit_offset and 1UL.
CID
1377278 (#1 of 1): Overflowed return value (INTEGER_OVERFLOW).
overflow_sink: Overflowed or truncated value (or a value computed from
an overflowed or truncated value) bt_ctf_stream_pos_move(pos, ({...}))
used as return value.
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
/* Writes may take place up to the end of the packet. */
max_len = pos->packet_size;
}
+ if (unlikely(pos->offset < 0 || bit_len > INT64_MAX - pos->offset)) {
+ return 0;
+ }
if (unlikely(pos->offset + bit_len > max_len))
return 0;
return 1;