Integer overflow in handling of -l (length) and -D (delay) parameter #13
Description
beep contains integer overflows in the handling of the length and delay parameters.
To test compile beep with ubsan:
clang -fsanitize=undefined beep.c -o beep
And try:
./beep -l 2147483647
beep.c:299:16: runtime error: signed integer overflow: 1000 * 2147483647 cannot be represented in type 'int'
or
./beep -D 2147483647
beep.c:302:19: runtime error: signed integer overflow: 1000 * 2147483647 cannot be represented in type 'int'
The problem is that the value is multiplied by 1000. Integer overflows are undefined behavior and can thus lead to unpredictable outcome due to compiler optimizations.
This could be made safe by using unsigned variables. They could still overflow, but would "just" wrap around and lead to different values being used. Alternatively of course the inputs could be capped to values that can safely be multiplied within the size of an integer.