From 2a577970b625bfdcc4c03827cf7c93bc0348af55 Mon Sep 17 00:00:00 2001
From: Stephen Heumann <heumann1@illinois.edu>
Date: Thu, 6 Feb 2020 23:56:57 -0600
Subject: [PATCH] Avoid integer overflow in suffix-processing code.

---
 include/libbb.h | 2 +-
 libbb/xatonum.c | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/include/libbb.h b/include/libbb.h
index 617b5e5b0..f847d264d 100644
--- a/include/libbb.h
+++ b/include/libbb.h
@@ -725,7 +725,7 @@ void generate_uuid(uint8_t *buf) FAST_FUNC;
 /* Last element is marked by mult == 0 */
 struct suffix_mult {
 	char suffix[4];
-	unsigned mult;
+	unsigned long mult;
 };
 extern const struct suffix_mult bkm_suffixes[];
 #define km_suffixes (bkm_suffixes + 1)
diff --git a/libbb/xatonum.c b/libbb/xatonum.c
index 5f32db432..1644b8250 100644
--- a/libbb/xatonum.c
+++ b/libbb/xatonum.c
@@ -67,7 +67,7 @@ uint16_t FAST_FUNC xatou16(const char *numstr)
 const struct suffix_mult bkm_suffixes[] = {
 	{ "b", 512 },
 	{ "k", 1024 },
-	{ "m", 1024*1024 },
+	{ "m", 1024L*1024 },
 	{ "", 0 }
 };
 
@@ -83,10 +83,10 @@ const struct suffix_mult cwbkMG_suffixes[] = {
 	{ "K", 1024 },  /* compat with coreutils dd */
 	{ "MB", 1000000 },
 	{ "MD", 1000000 },
-	{ "M", 1024*1024 },
+	{ "M", 1024L*1024 },
 	{ "GB", 1000000000 },
 	{ "GD", 1000000000 },
-	{ "G", 1024*1024*1024 },
+	{ "G", 1024L*1024*1024 },
 	/* "D" suffix for decimal is not in coreutils manpage, looks like it's deprecated */
 	/* coreutils also understands TPEZY suffixes for tera- and so on, with B suffix for decimal */
 	{ "", 0 }