http2: fix potential integer overflow

Fix report from coverity on potential integer overflow in http2. Signed-off-by: Michael Dawson <mdawson@devrus.com> PR-URL: #42248 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
nodejs · Apr 24, 2022 · d301a88 · d301a88
1 parent 9fa6e44
commit d301a88
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/src/node_http2.cc b/src/node_http2.cc
@@ -197,7 +197,8 @@ Http2Options::Http2Options(Http2State* http2_state, SessionType type) {
   // Important: The maxSessionMemory option in javascript is expressed in
   //            terms of MB increments (i.e. the value 1 == 1 MB)
   if (flags & (1 << IDX_OPTIONS_MAX_SESSION_MEMORY))
-    set_max_session_memory(buffer[IDX_OPTIONS_MAX_SESSION_MEMORY] * 1000000);
+    set_max_session_memory(buffer[IDX_OPTIONS_MAX_SESSION_MEMORY] *
+                           static_cast<uint64_t>(1000000));
 
   if (flags & (1 << IDX_OPTIONS_MAX_SETTINGS)) {
     nghttp2_option_set_max_settings(