From 07848a4456b035b08a41218dcb98f3f7db359a2e Mon Sep 17 00:00:00 2001 From: Pavel Vasilyev Date: Fri, 17 Nov 2023 11:14:48 +0100 Subject: [PATCH] Bluetooth: Mesh: Fix integer overflow Fix potential integer overflow by casting one of operands to int64_t. Coverity-CID: 329961 Fixes #65356 Signed-off-by: Pavel Vasilyev --- subsys/bluetooth/mesh/proxy_srv.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/subsys/bluetooth/mesh/proxy_srv.c b/subsys/bluetooth/mesh/proxy_srv.c index 3a2bad0851e..571144ceaed 100644 --- a/subsys/bluetooth/mesh/proxy_srv.c +++ b/subsys/bluetooth/mesh/proxy_srv.c @@ -697,7 +697,8 @@ static void gatt_proxy_solicited(struct bt_mesh_subnet *sub) int32_t remaining; if (sub->priv_net_id_sent > 0) { - timeout = sub->priv_net_id_sent + MSEC_PER_SEC * bt_mesh_od_priv_proxy_get(); + timeout = sub->priv_net_id_sent + + MSEC_PER_SEC * (int64_t) bt_mesh_od_priv_proxy_get(); remaining = MIN(timeout - now, INT32_MAX); } else { remaining = MSEC_PER_SEC * bt_mesh_od_priv_proxy_get();