From 42e2b56c4ede3ab164f9a5c6dae02aa84606a6c1 Mon Sep 17 00:00:00 2001
From: Wayne Davison <wayne@opencoder.net>
Date: Tue, 5 Nov 2024 11:01:03 -0800
Subject: [PATCH] Another cast when multiplying integers.

CVE: CVE-2024-12084

Upstream-Status: Backport [https://git.samba.org/?p=rsync.git;a=commit;h=42e2b56c4ede3ab164f9a5c6dae02aa84606a6c1]

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
 rsync.h  | 2 +-
 sender.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/rsync.h b/rsync.h
index 8ddbe702..0f9e277f 100644
--- a/rsync.h
+++ b/rsync.h
@@ -982,7 +982,7 @@ struct map_struct {
	int status;		/* first errno from read errors		*/
 };

-#define sum2_at(s, i)	((s)->sum2_array + ((OFF_T)(i) * xfer_sum_len))
+#define sum2_at(s, i)	((s)->sum2_array + ((size_t)(i) * xfer_sum_len))

 #define NAME_IS_FILE		(0)    /* filter name as a file */
 #define NAME_IS_DIR		(1<<0) /* filter name as a dir */
diff --git a/sender.c b/sender.c
index ab205341..2bbff2fa 100644
--- a/sender.c
+++ b/sender.c
@@ -95,7 +95,7 @@ static struct sum_struct *receive_sums(int f)
		return(s);

	s->sums = new_array(struct sum_buf, s->count);
-	s->sum2_array = new_array(char, s->count * xfer_sum_len);
+	s->sum2_array = new_array(char, (size_t)s->count * xfer_sum_len);

	for (i = 0; i < s->count; i++) {
		s->sums[i].sum1 = read_int(f);
--
2.40.0