From ccb6b4f943b51be496d0f1d6499bf7153e12e20d Mon Sep 17 00:00:00 2001
From: Arda Cinar
Date: Thu, 15 Dec 2022 16:21:25 +0300
Subject: [PATCH] AK: Make sure no overflow occurs in number_string_with_one_decimal

A possible integer overflow might have occured inside the function in case (number % unit) * 10 did not fit into a u64. So it is verified that this does not happen at the beginning of the function.
---
 AK/NumberFormat.cpp | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/AK/NumberFormat.cpp b/AK/NumberFormat.cpp
index fd31ee01a65..66d41cf3574 100644
--- a/AK/NumberFormat.cpp
+++ b/AK/NumberFormat.cpp
@@ -4,8 +4,10 @@
  * SPDX-License-Identifier: BSD-2-Clause
  */
+#include
 #include
 #include
+#include
 #include
 namespace AK {
@@ -13,8 +15,12 @@ namespace AK {
 // FIXME: Remove this hackery once printf() supports floats.
 static DeprecatedString number_string_with_one_decimal(u64 number, u64 unit, StringView suffix)
 {
- int decimal = (number % unit) * 10 / unit;
- return DeprecatedString::formatted("{}.{} {}", number / unit, decimal, suffix);
+ constexpr auto max_unit_size = NumericLimits::max() / 10;
+ VERIFY(unit < max_unit_size);
+
+ auto integer_part = number / unit;
+ auto decimal_part = (number % unit) * 10 / unit;
+ return DeprecatedString::formatted("{}.{} {}", integer_part, decimal_part, suffix);
 }
 DeprecatedString human_readable_quantity(u64 quantity, StringView unit)
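Review bot: The new guard in number_string_with_one_decimal bounds `unit` from above but not from below, so `unit == 0` still reaches `number / unit` and `number % unit` and divides by zero. The callers are not visible in this patch and may only ever pass fixed non-zero units, but since the function now states its precondition explicitly, I would state the whole of it with `VERIFY(unit != 0);` next to the existing check. The upper bound is also slightly stricter than the arithmetic needs, because `number % unit` is at most `unit - 1`. That is harmless, but a short comment would stop a later reader from "fixing" it, for example `// number % unit < unit, so unit < max/10 keeps (number % unit) * 10 inside u64`. Because VERIFY aborts the process, it is also worth confirming that no caller derives `unit` from external input, where a failed assertion would become a crash on attacker-chosen data.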