From d2410624ddb5085df2fe9169d82850c944a45564 Mon Sep 17 00:00:00 2001
From: Tony Mountifield <tony@mountifield.org>
Date: Wed, 26 Jan 2022 18:32:10 +0000
Subject: [PATCH 1/2] Avoid CodeQL warning about multiplication overflow

---
 src/buffer.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/buffer.cpp b/src/buffer.cpp
index c937aa1000..3258438d44 100644
--- a/src/buffer.cpp
+++ b/src/buffer.cpp
@@ -146,7 +146,7 @@ bool CNetBuf::Put ( const CVector<uint8_t>& vecbyData, int iInSize )
         const int iNumBlocks = /* floor */ ( iInSize / iBlockSize );
 
         // copy new data in internal buffer
-        for ( int iBlock = 0; iBlock < iNumBlocks; iBlock++ )
+        for ( long iBlock = 0; iBlock < iNumBlocks; iBlock++ )
         {
             // extract sequence number of current received block (per definition
             // the sequence number is appended after the coded audio data)
@@ -263,7 +263,7 @@ bool CNetBuf::Put ( const CVector<uint8_t>& vecbyData, int iInSize )
         // copy new data in internal buffer
         const int iNumBlocks = iInSize / iBlockSize;
 
-        for ( int iBlock = 0; iBlock < iNumBlocks; iBlock++ )
+        for ( long iBlock = 0; iBlock < iNumBlocks; iBlock++ )
         {
             // for simultion buffer only update pointer, no data copying
             if ( !bIsSimulation )

From 85e3c4c9a5dd503eefcc71105916b5c077bd6bd6 Mon Sep 17 00:00:00 2001
From: Tony Mountifield <tony@mountifield.org>
Date: Thu, 27 Jan 2022 10:02:56 +0000
Subject: [PATCH 2/2] Added explanatory comments

Co-authored-by: Christian Hoffmann <christian@hoffie.info>
---
 src/buffer.cpp | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/buffer.cpp b/src/buffer.cpp
index 3258438d44..8b39512791 100644
--- a/src/buffer.cpp
+++ b/src/buffer.cpp
@@ -146,6 +146,7 @@ bool CNetBuf::Put ( const CVector<uint8_t>& vecbyData, int iInSize )
         const int iNumBlocks = /* floor */ ( iInSize / iBlockSize );
 
         // copy new data in internal buffer
+        // iBlock is a long to avoid overflowing a mulitplication later in the code
         for ( long iBlock = 0; iBlock < iNumBlocks; iBlock++ )
         {
             // extract sequence number of current received block (per definition
@@ -263,6 +264,7 @@ bool CNetBuf::Put ( const CVector<uint8_t>& vecbyData, int iInSize )
         // copy new data in internal buffer
         const int iNumBlocks = iInSize / iBlockSize;
 
+        // iBlock is a long to avoid overflowing a mulitplication later in the code
         for ( long iBlock = 0; iBlock < iNumBlocks; iBlock++ )
         {
             // for simultion buffer only update pointer, no data copying