From 7f92ccea5ca5832a1dc63c02fc71db2d698f7915 Mon Sep 17 00:00:00 2001
From: David Chase <drchase@google.com>
Date: Wed, 24 Aug 2022 15:53:40 -0400
Subject: [PATCH] debug/pe: check size in uint64 to avoid overflow

uint32(sz) != n*uint32(ddSz) can go wrong if
the RHS overflows, so do it in wider precision.

Fixes #54640.

Change-Id: I776563330e46de6cdacd4055f6ff08e7de67797f
Reviewed-on: https://go-review.googlesource.com/c/go/+/425364
Reviewed-by: Dan Kortschak <dan@kortschak.io>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Run-TryBot: David Chase <drchase@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
---
 src/debug/pe/file.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/debug/pe/file.go b/src/debug/pe/file.go
index 9181ebdf15..7adf3e122e 100644
--- a/src/debug/pe/file.go
+++ b/src/debug/pe/file.go
@@ -603,8 +603,8 @@ func readOptionalHeader(r io.ReadSeeker, sz uint16) (any, error) {
 // its size and number of data directories as seen in optional header.
 // It parses the given size of bytes and returns given number of data directories.
 func readDataDirectories(r io.ReadSeeker, sz uint16, n uint32) ([]DataDirectory, error) {
-	ddSz := binary.Size(DataDirectory{})
-	if uint32(sz) != n*uint32(ddSz) {
+	ddSz := uint64(binary.Size(DataDirectory{}))
+	if uint64(sz) != uint64(n)*ddSz {
 		return nil, fmt.Errorf("size of data directories(%d) is inconsistent with number of data directories(%d)", sz, n)
 	}
 
-- 
2.50.0