google / zopfli

Zopfli Compression Algorithm is a compression library programmed in C to perform very good, but slow, deflate or zlib compression.
Apache License 2.0

Multiplication result converted to larger type (Mitigate Arithmetic Overflow in Memory Allocation) #198

Closed Shivam7-1 closed 7 months ago

Shivam7-1 commented 9 months ago

This PR addresses a potential vulnerability related to arithmetic overflow in the lodepng_malloc call. The multiplication w * h * (bit16 ? 8 : 4) might overflow before the conversion to size_t, leading to unexpected behavior or security risks.

Modified the code to ensure safe multiplication by explicitly casting w and h to size_t before performing the arithmetic operation.

The explicit casting to size_t helps prevent arithmetic overflow by ensuring that the multiplication is performed using a larger integer type, reducing the risk of unexpected behavior or security vulnerabilities, especially in memory allocation scenarios.

Exact Security Issue: Arithmetic overflow can lead to allocating less memory than required, which can cause buffer overflows when the memory is accessed. Buffer overflows are well-known security vulnerabilities that can be exploited to execute arbitrary code, cause a program to crash, or lead to other undefined behavior.
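
The overflow the PR description refers to, as an added example (this is not code from zopfli or lodepng, and the function names and the exact shape of the expression are assumptions; what the description states is that the product is formed in unsigned int and only afterwards widened to size_t). The block computes the same buffer size three ways: the pre-PR form, the cast-first form the PR proposes, and an explicitly checked form. One caveat that a reviewer would add: casting to size_t only widens the arithmetic on targets where size_t is wider than unsigned int (LP64), so on a 32-bit build the cast alone still wraps, and a checked multiplication against SIZE_MAX is the form that is correct everywhere.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Pre-PR shape (assumed): w * h * bpp is evaluated in unsigned int and
 * only then widened to size_t, so the product wraps at 2^32 on every
 * mainstream target before the cast happens. */
static size_t image_bytes_unchecked(unsigned w, unsigned h, int bit16)
{
    return (size_t)(w * h * (bit16 ? 8u : 4u));
}

/* Cast-first shape proposed by the PR: (size_t)w promotes the whole
 * expression to size_t. Enough on LP64 (64-bit size_t) for any 32-bit
 * w and h, but on an ILP32 target size_t is still 32 bits and the
 * product can wrap exactly as before. */
static size_t image_bytes_cast(unsigned w, unsigned h, int bit16)
{
    return (size_t)w * h * (bit16 ? 8u : 4u);
}

/* Checked multiplication: returns 1 and stores the byte count in *out,
 * or returns 0 (and stores 0) when w * h * bpp does not fit in size_t.
 * Correct regardless of sizeof(size_t). */
static int image_bytes_checked(unsigned w, unsigned h, int bit16, size_t *out)
{
    size_t bpp = bit16 ? 8u : 4u;
    size_t wh;

    *out = 0;
    if (w != 0 && h > SIZE_MAX / w) return 0;   /* w * h would overflow */
    wh = (size_t)w * h;
    if (wh != 0 && bpp > SIZE_MAX / wh) return 0; /* wh * bpp would overflow */
    *out = wh * bpp;
    return 1;
}

/* Allocation helper in the style of the call under discussion: refuses to
 * allocate when the size computation overflowed instead of handing back a
 * buffer that is far smaller than the image it is meant to hold. */
static unsigned char *alloc_image(unsigned w, unsigned h, int bit16)
{
    size_t bytes;
    if (!image_bytes_checked(w, h, bit16, &bytes)) return NULL;
    return (unsigned char *)malloc(bytes);
}

int main(void)
{
    /* Constructed dimensions: 65536 x 65536 makes w * h exactly 2^32,
     * which is 0 in 32-bit unsigned arithmetic. */
    unsigned w = 65536u, h = 65536u;
    size_t checked;
    unsigned char *buf;

    printf("unchecked: %zu bytes\n", image_bytes_unchecked(w, h, 0));
    printf("cast-first: %zu bytes\n", image_bytes_cast(w, h, 0));
    if (image_bytes_checked(w, h, 0, &checked))
        printf("checked: %zu bytes\n", checked);
    else
        printf("checked: size does not fit in size_t\n");

    /* Constructed worst case that overflows even a 64-bit size_t. */
    buf = alloc_image(0xFFFFFFFFu, 0xFFFFFFFFu, 1);
    printf("alloc_image(UINT_MAX, UINT_MAX, 16-bit): %s\n",
           buf ? "allocated" : "refused");
    free(buf);
    return 0;
}
```

On a 64-bit build the first line prints 0 (the size lodepng_malloc would have been asked for), the second prints 17179869184, and the third agrees with the second; the last call is refused on any platform because (2^32-1)^2 * 8 exceeds 2^64.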

Shivam7-1 commented 8 months ago

Hi @google-admin, could anyone review the above PR? Thanks.

Shivam7-1 commented 8 months ago

Hi @lvandeve, could you please review the above PR?

Thanks & Regards

jibsen commented 7 months ago

Not a maintainer of this project, but just a few observations about your PR: