dsp: firmware_update: Avoid integer overflow A large fw_device_pkg_data_length could cause uint16_t calc_min_record_length to wrap around. Instead use a size_t. Change-Id: I1e0ee5a350d82cb477fd0955a11ded659a5c5933 Signed-off-by: Matt Johnston <matt@codeconstruct.com.au>

commit: c4d1c8bc877d7c6613e313d0c66700b4a9755359 [log] [tgz]
author: Matt Johnston <matt@codeconstruct.com.au> Wed Dec 18 11:16:55 2024 +0800
committer: Andrew Jeffery <andrew@codeconstruct.com.au> Fri Dec 20 06:23:03 2024 +0000
tree: 10cfbdc370f99d081ceb640268ca2560f9bd509c
parent: cf9a2df37762189674b04aabaa371cae7d0a92aa [diff]
diff --git a/src/dsp/firmware_update.c b/src/dsp/firmware_update.c
index 5c57171..09c4f66 100644
--- a/src/dsp/firmware_update.c
+++ b/src/dsp/firmware_update.c

@@ -436,7 +436,7 @@
 	uint16_t applicable_components_length =
 		component_bitmap_bit_length /
 		PLDM_FWUP_COMPONENT_BITMAP_MULTIPLE;
-	uint16_t calc_min_record_length =
+	size_t calc_min_record_length =
 		sizeof(struct pldm_firmware_device_id_record) +
 		applicable_components_length +
 		data_record->comp_image_set_version_string_length +
commit	c4d1c8bc877d7c6613e313d0c66700b4a9755359	[log] [tgz]
author	Matt Johnston <matt@codeconstruct.com.au>	Wed Dec 18 11:16:55 2024 +0800
committer	Andrew Jeffery <andrew@codeconstruct.com.au>	Fri Dec 20 06:23:03 2024 +0000
tree	10cfbdc370f99d081ceb640268ca2560f9bd509c
parent	cf9a2df37762189674b04aabaa371cae7d0a92aa [diff]