Add a few tainted data info for coverity to avoid warnings.

If sysconf is lying, then anything can happen.
But check for overflow anyway.

Device/partition offset overflow for IV can only cause
bad decryption (expected).

2 files changed, 19 insertions, 8 deletions

diff --git a/lib/utils.c b/lib/utils.c
index e9d5b5b5..403a431e 100644
--- a/lib/utils.c
+++ b/lib/utils.c
@@ -45,34 +45,44 @@ unsigned crypt_cpusonline(void)
 uint64_t crypt_getphysmemory_kb(void)
 {
 	long pagesize, phys_pages;
-	uint64_t phys_memory_kb;
+	uint64_t phys_memory_kb, page_size_kb;
 
 	pagesize = sysconf(_SC_PAGESIZE);
 	phys_pages = sysconf(_SC_PHYS_PAGES);
 
-	if (pagesize < 0 || phys_pages < 0)
+	if (pagesize <= 0 || phys_pages <= 0)
 		return 0;
 
-	phys_memory_kb = pagesize / 1024;
-	phys_memory_kb *= phys_pages;
+	page_size_kb = pagesize / 1024;
+	phys_memory_kb = page_size_kb * phys_pages;
 
+	/* sanity check for overflow */
+	if (phys_memory_kb / phys_pages != page_size_kb)
+		return 0;
+
+	/* coverity[return_overflow:FALSE] */
 	return phys_memory_kb;
 }
 
 uint64_t crypt_getphysmemoryfree_kb(void)
 {
 	long pagesize, phys_pages;
-	uint64_t phys_memoryfree_kb;
+	uint64_t phys_memoryfree_kb, page_size_kb;
 
 	pagesize = sysconf(_SC_PAGESIZE);
 	phys_pages = sysconf(_SC_AVPHYS_PAGES);
 
-	if (pagesize < 0 || phys_pages < 0)
+	if (pagesize <= 0 || phys_pages <= 0)
 		return 0;
 
-	phys_memoryfree_kb = pagesize / 1024;
-	phys_memoryfree_kb *= phys_pages;
+	page_size_kb = pagesize / 1024;
+	phys_memoryfree_kb = page_size_kb * phys_pages;
+
+	/* sanity check for overflow */
+	if (phys_memoryfree_kb / phys_pages != page_size_kb)
+		return 0;
 
+	/* coverity[return_overflow:FALSE] */
 	return phys_memoryfree_kb;
 }
 
diff --git a/lib/utils_devpath.c b/lib/utils_devpath.c
index 05db27ca..3cf015f7 100644
--- a/lib/utils_devpath.c
+++ b/lib/utils_devpath.c
@@ -281,6 +281,7 @@ uint64_t crypt_dev_partition_offset(const char *dev_path)
 			      &val, "start"))
 		return 0;
 
+	/* coverity[tainted_data_return:FALSE] */
 	return val;
 }